Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.42 views

openSUSE Security Update : enigmail (openSUSE-2019-395) (EFAIL)

This update for enigmail to version 2.0.5 fixes the following issues : Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL : - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code %NASLMINLEVEL 70300 C...

5.9CVSS6.5AI score0.05572EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.30 views

openSUSE Security Update : enigmail (openSUSE-2019-368) (EFAIL)

This update for enigmail fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget attacks allows to...

5.9CVSS6.5AI score0.05572EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.26 views

openSUSE: Security Advisory for enigmail (openSUSE-SU-2018:1347-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.2AI score0.05572EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.35 views

Fedora 27 : thunderbird-enigmail (2018-25525a9346) (EFAIL)

Enigmail update to version 2.0.4, introduces fixes for the efail attack. Please check and modify your Thunderbird settings if required: https://enigmail.net/index.php/en/home/news/66-2018-05-16-efail-vulner ability-affects-encrypted-mails Note that Tenable Network Security has extracted the...

5.9CVSS6.2AI score0.05572EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.44 views

Fedora 26 : thunderbird-enigmail (2018-6020628437) (EFAIL)

Enigmail update to version 2.0.4, introduces fixes for the efail attack. Please check and modify your Thunderbird settings if required: https://enigmail.net/index.php/en/home/news/66-2018-05-16-efail-vulner ability-affects-encrypted-mails Note that Tenable Network Security has extracted the...

5.9CVSS6.2AI score0.05572EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/05/24 12:0 a.m.38 views

openSUSE Security Update : enigmail (openSUSE-2018-495) (EFAIL)

This update for enigmail to version 2.0.5 fixes the following issues : Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL : - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code %NASLMINLEVEL 70300 C...

5.9CVSS6.5AI score0.05572EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2018/05/21 12:0 a.m.44 views

openSUSE Security Update : enigmail (openSUSE-2018-474) (EFAIL)

This update for enigmail fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget attacks allows to...

5.9CVSS6.5AI score0.05572EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2018/05/18 12:0 a.m.42 views

openSUSE Security Update : enigmail (openSUSE-2018-470) (EFAIL)

This update for enigmail to version 2.0.4 fixes multiple issues. Security issues fixed : - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget...

5.9CVSS6.5AI score0.05572EPSS
Exploits3References4
OSV
OSV
added 2018/05/16 7:29 p.m.8 views

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode CFB malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code MDC feature or accept an obsolete...

5.9CVSS7.5AI score
Exploits0References10
CVE
CVE
added 2018/05/16 7:0 p.m.108 views

CVE-2017-17688

CVE-2017-17688 concerns an OpenPGP CFB gadget/malleability attack (EFAIL) that can lead to plaintext exfiltration from encrypted emails. Connected advisories show Enigmail/OpenPGP patches (e.g., openSUSE SUSE/OpenSUSE-2019-368/395; Thunderbird enigmail updates) addressing this vulnerability by ti...

5.9CVSS5.7AI score0.05572EPSS
Exploits2References10Affected Software11
Rows per page
Query Builder