Lucene search
K

20 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2013-0382)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.3AI score0.00451EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.18 views

Oracle: Security Advisory (ELSA-2014-0016)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS5.9AI score0.00451EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2015/04/09 12:0 a.m.40 views

SOL16396 - GnuPG vulnerability CVE-2013-4576

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

2.1CVSS1.4AI score0.00451EPSS
Exploits0References5
Prion
Prion
added 2014/10/10 1:55 a.m.25 views

Code injection

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...

2.1CVSS6.5AI score0.00531EPSS
Exploits0References5Affected Software2
OpenVAS
OpenVAS
added 2014/07/01 12:0 a.m.31 views

Fedora Update for gnupg FEDORA-2014-7676

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.4AI score0.00451EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/02/03 12:0 a.m.18 views

Fedora Update for gnupg FEDORA-2013-23603

Check for the Version of gnupg OpenVAS Vulnerability Test Fedora Update for gnupg FEDORA-2013-23603 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

2.1CVSS6.1AI score0.00451EPSS
Exploits0References2
Amazon
Amazon
added 2014/01/14 12:0 a.m.48 views

Medium: gnupg

Issue Overview: GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE:...

2.1CVSS6.8AI score0.00451EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/01/10 12:0 a.m.32 views

Scientific Linux Security Update : gnupg on SL5.x i386/x86_64 (20140108)

It was found that GnuPG was vulnerable to side-channel attacks via acoustic cryptanalysis. An attacker in close range to a target system that is decrypting ciphertexts could possibly use this flaw to recover the RSA secret key from that system. CVE-2013-4576 %NASLMINLEVEL 70300 C Tenable Network...

2.1CVSS6.6AI score0.00451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/01/09 12:0 a.m.54 views

CentOS 5 : gnupg (CESA-2014:0016)

An updated gnupg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

2.1CVSS6.5AI score0.00451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/01/09 12:0 a.m.27 views

Oracle Linux 5 : gnupg (ELSA-2014-0016)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2014-0016 advisory. 1.4.5-18.1 - fix CVE-2013-4576 acoustic side channel attack on RSA private keys Tenable has extracted the preceding description block directly from the Oracle...

2.1CVSS6.7AI score0.00451EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/01/08 6:16 p.m.32 views

Moderate: Red Hat Security Advisory: gnupg security update

An updated gnupg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

2.1CVSS6.7AI score0.00451EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/12/30 12:0 a.m.30 views

Fedora Update for gnupg FEDORA-2013-23678

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8CVSS7AI score0.0503EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/30 12:0 a.m.31 views

Fedora 19 : gnupg-1.4.16-2.fc19 (2013-23615)

What's New =========== - Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See .CVE-2013-45 76 - Put only the major version number by default into armored output. - Do not create a trustdb file if --trust-model=always is used....

2.1CVSS6.6AI score0.00451EPSS
Exploits0References4
CVE
CVE
added 2013/12/20 9:0 p.m.111 views

CVE-2013-4576

GnuPG 1.x before 1.4.16 is vulnerable to a side-channel attack during RSA key handling. The issue arises from sequences of introductions with certain patterns that enable a local attacker to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. The impact i...

2.1CVSS5.4AI score0.00451EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2013/12/20 5:29 p.m.10 views

MGASA-2013-0382 Updated gnupg package fixes CVE-2013-4576

Updated gnupg package fixes security vulnerability: Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts CVE-2013-4576...

2.1CVSS5.8AI score0.00451EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/20 12:0 a.m.26 views

Mandriva Linux Security Advisory : gnupg (MDVSA-2013:295)

A vulnerability has been discovered and corrected in gnupg : Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts CVE-2013-4576. The updated packages have been patched to correct...

2.1CVSS6.4AI score0.00451EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/12/19 12:0 a.m.31 views

FreeBSD : gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack (2e5715f8-67f7-11e3-9811-b499baab0cbe)

Werner Koch reports : CVE-2013-4576 has been assigned to this security bug. The paper describes two attacks. The first attack allows to distinguish keys: An attacker is able to notice which key is currently used for decryption. This is in general not a problem but may be used to reveal the...

2.1CVSS6.5AI score0.00451EPSS
Exploits0References3
Debian
Debian
added 2013/12/18 3:5 p.m.36 views

[SECURITY] [DSA 2821-1] gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2821-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 18, 2013 http://www.debian.org/security/faq -...

2.1CVSS5.5AI score0.00451EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2013/12/18 12:0 a.m.28 views

CVE-2013-4576

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...

2.1CVSS6.8AI score0.00451EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2013/12/18 12:0 a.m.45 views

gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack

Werner Koch reports: CVE-2013-4576 has been assigned to this security bug. The paper describes two attacks. The first attack allows to distinguish keys: An attacker is able to notice which key is currently used for decryption. This is in general not a problem but may be used to reveal the...

2.1CVSS6AI score0.00451EPSS
Exploits0References1
Rows per page
Query Builder