24 matches found
MiracleLinux 7 : nettle-2.7.1-8.el7 (AXSA:2016-1108:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1108:01 advisory. Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages C ,...
SUSE: Security Advisory (SUSE-SU-2016:0455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2016-1061)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP1 : nettle (EulerOS-SA-2016-1061)
According to the versions of the nettle packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languagesC+...
Scientific Linux Security Update : nettle on SL7.x x86_64 (20161103)
Security Fixes : - Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality. CVE-2015-8803, CVE-2015-8804, CVE-2015-8805 - It was found that nettle's RSA and DSA...
Oracle Linux 7 : nettle (ELSA-2016-2582)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2582 advisory. - Use a cache-silent version of mpzpowm to prevent cache-timing attacks against RSA and DSA in shared VMs. 1364897,CVE-2016-6489 Tenable has extracted...
RHEL 7 : nettle (RHSA-2016:2582)
An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Fedora 23 : compat-nettle27 (2016-d94300845b)
Fixes CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 secp256r1 and secp384r1 bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 22 : nettle-2.7.1-6.fc22 (2016-8ee88aee21)
Fixes CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 secp256r1 and secp384r1 bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2015-8804
x8664/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors...
CVE-2015-8804
CVE-2015-8804 affects the nettle cryptographic library (P-384 path) in x86_64 ECC, where the ecc-384-modp.asm implementation mishandles carry propagation, producing incorrect output and enabling unspecified impact via unknown vectors. Affected product/version: nettle prior to 3.2. The CVE is disc...
CVE-2015-8804
x8664/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors...
openSUSE Security Update : libnettle (openSUSE-2016-217)
This update for libnettle fixes the following issues : - CVE-2015-8803: secp256 calculation bug boo964845 - CVE-2015-8804: Miscalculations on secp384 curve boo964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions. boo964849 %NASLMINLEVEL 70300 C Tenable Network Security...
SUSE SLED12 / SLES12 Security Update : libnettle (SUSE-SU-2016:0455-1)
This update for libnettle fixes the following security issues : - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
openSUSE Security Update : libnettle (openSUSE-2016-212)
This update for libnettle fixes the following security issues : - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
openSUSE Security Update : libnettle (openSUSE-2016-211)
This update for libnettle fixes the following issues : - CVE-2015-8803: secp256 calculation bug boo964845 - CVE-2015-8804: Miscalculations on secp384 curve boo964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions. boo964849 %NASLMINLEVEL 70300 C Tenable Network Security...
Ubuntu 14.04 LTS : Nettle vulnerabilities (USN-2897-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2897-1 advisory. Hanno Bck discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. CVE-2015-8803 Hanno Bck discovered that Nettle...
Ubuntu: Security Advisory (USN-2897-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2016:0455-1 Security update for libnettle
This update for libnettle fixes the following security issues: - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
Mageia: Security Advisory (MGASA-2016-0061)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...