Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:33 a.m.17 views

Security Bulletin: A vulnerability in crypto++ affects PowerKVM (CVE-2016-3995)

Summary PowerKVM is affected by a vulnerability in crypto++ aka cryptopp. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2016-3995 DESCRIPTION: Crypto++ could allow a remote attacker to bypass security restrictions, caused by a timing attack error. A remote attacker could explo...

7.5CVSS1.5AI score0.01858EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2017/02/13 6:59 p.m.21 views

CVE-2016-3995

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...

7.5CVSS7AI score0.01858EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 6:0 p.m.53 views

CVE-2016-3995

Crypto++ (libcryptopp) timing-attack vulnerability CVE-2016-3995 affects Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock prior to version 5.6.4, where the timing-protection code could be optimized out by compilers. This could allow an attacker to perform timing attacks. Th...

7.5CVSS7.2AI score0.01858EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/02/13 6:0 p.m.29 views

CVE-2016-3995

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...

7.3AI score0.01858EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2017/02/13 6:0 p.m.19 views

CVE-2016-3995

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...

7.5CVSS7.4AI score0.01858EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/05/09 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2016-0147)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01858EPSS
Exploits0References4
OSV
OSV
added 2016/04/25 7:57 a.m.8 views

MGASA-2016-0147 Updated libcryptopp packages fix CVE-2016-3995

Updated libcryptopp packages fix security vulnerability: In libcryptopp, for both Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock there is some code to avoid timing attacks, however it is removed by the compiler due to optimizations, making the binary vulnerable to timing...

7.5CVSS7.7AI score0.01858EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/04/22 12:0 a.m.21 views

Fedora 24 : cryptopp-5.6.3-3.fc24 (2016-96b60bdb96)

Fix for CVE-2016-3995 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS7.2AI score0.01858EPSS
Exploits0References3
Rows per page
Query Builder