8 matches found
Security Bulletin: A vulnerability in crypto++ affects PowerKVM (CVE-2016-3995)
Summary PowerKVM is affected by a vulnerability in crypto++ aka cryptopp. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2016-3995 DESCRIPTION: Crypto++ could allow a remote attacker to bypass security restrictions, caused by a timing attack error. A remote attacker could explo...
CVE-2016-3995
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...
CVE-2016-3995
Crypto++ (libcryptopp) timing-attack vulnerability CVE-2016-3995 affects Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock prior to version 5.6.4, where the timing-protection code could be optimized out by compilers. This could allow an attacker to perform timing attacks. Th...
CVE-2016-3995
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...
CVE-2016-3995
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...
Mageia: Security Advisory (MGASA-2016-0147)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2016-0147 Updated libcryptopp packages fix CVE-2016-3995
Updated libcryptopp packages fix security vulnerability: In libcryptopp, for both Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock there is some code to avoid timing attacks, however it is removed by the compiler due to optimizations, making the binary vulnerable to timing...
Fedora 24 : cryptopp-5.6.3-3.fc24 (2016-96b60bdb96)
Fix for CVE-2016-3995 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...