Mageia: Security Advisory (MGASA-2017-0422)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in Open Source Botan affects IBM Netezza Platform Software clients

Summary Open Source Botan is used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-14737 DESCRIPTION: Botan could allow a local attacker to obtain sensitive information, caused by a flaw in the cryptographic...

Debian: Security Advisory (DLA-1125-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2017-0422 Updated botan packages fix security vulnerability

In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed perhaps via an active attack such as Prime+Probe could recover information about the exponent CVE-2017-14737...

Updated botan packages fix security vulnerability

In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed perhaps via an active attack such as Prime+Probe could recover information about the exponent CVE-2017-14737...

Fedora Update for botan FEDORA-2017-7e5ac0896e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1125-1 : botan1.10 security update

CVE-2017-14737 Fix of cache-based side channel attack, which could recover information about RSA secret keys. For Debian 7 'Wheezy', these problems have been fixed in version 1.10.5-1+deb7u4. We recommend that you upgrade your botan1.10 packages. NOTE: Tenable Network Security has extracted the...

[SECURITY] [DLA 1125-1] botan1.10 security update

Package : botan1.10 Version : 1.10.5-1+deb7u4 CVE ID : CVE-2017-14737 CVE-2017-14737 Fix of cache-based side channel attack, which could recover information about RSA secret keys. For Debian 7 "Wheezy", these problems have been fixed in version 1.10.5-1+deb7u4. We recommend that you upgrade your...

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key...

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key...

CVE-2017-14737

Botan contains a cache-based side-channel flaw in its RSA implementation that can let a local attacker recover bits of secret exponents used in RSA (and related operations). Affected are Botan versions before 1.10.17, and 1.11.x and 2.x before 2.3.0. The vulnerability arises from indexing a Montg...