12 matches found
Security Bulletin: Vulnerability in Libcrypt++ affects PowerKVM (CVE-2015-2141)
Summary PowerKVM is affected by a vulnerability in libcrypt++. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2015-2141 DESCRIPTION: libcrypt++ could allow a remote attacker to obtain sensitive information, caused by weak Rabin-Williams digital signature algorithm in...
Mageia: Security Advisory (MGASA-2015-0317)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libcryptopp package fixes security vulnerability
Evgeny Sidorov discovered that libcryptopp did not properly implement blinding to mask private key operations for the Rabin-Williams digital signature algorithm. This could allow remote attackers to mount a timing attack and retrieve the user's private key CVE-2015-2141...
openSUSE Security Update : libcryptopp (openSUSE-2015-504)
libcryptopp was updated to fix one security issue. This security issue was fixed : - CVE-2015-2141: The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 did not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allowed...
Fedora 22 : cryptopp-5.6.2-9.fc22 (2015-10914)
Fix for CVE-2015-2141 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora Update for cryptopp FEDORA-2015-10914
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3296-1] libcrypto++ security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3296-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
DEBIAN-CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
CVE-2015-2141
libcrypt++ 5.6.2 contains a timing-attack vulnerability in InvertibleRWFunction::CalculateInverse used with Rabin–Williams signatures, enabling remote extraction of private keys. Affected component is the private-key blinding during Rabin–Williams operations; impact is private-key disclosure unde...
[SECURITY] [DLA 262-1] libcrypto++ security update
Package : libcrypto++ Version : 5.6.0-6+deb6u1 CVE ID : CVE-2015-2141 Evgeny Sidorov discovered that libcrypto++, a general purpose C++ cryptographic library, did not properly implement blinding to mask private key operations for the Rabin-Williams digital signature algorithm. This could allow...
[SECURITY] [DSA 3296-1] libcrypto++ security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3296-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini June 29, 2015 https://www.debian.org/security/faq -...