Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.23 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : ECDSA Util vulnerability (USN-6239-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6239-1 advisory. It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue ...

10CVSS8.2AI score0.01038EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/05/15 12:0 a.m.12 views

Fedora: Security Advisory for ecdsautils (FEDORA-2022-111177a5ac)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS7.5AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.24 views

Debian DSA-5132-1 : ecdsautils - security update

The remote Debian 10 / 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5132 advisory. It was discovered that ecdsautils, a collection of ECDSA elliptic curve cryptography CLI tools verified some cryptographic signatures incorrectly: A signature...

10CVSS7.9AI score0.01038EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/05/08 12:0 a.m.5 views

Debian: Security Advisory (DLA-2997-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.01038EPSS
Exploits0References4
Debian
Debian
added 2022/05/07 6:12 a.m.44 views

[SECURITY] [DLA 2997-1] ecdsautils security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2997-1 [email protected] https://www.debian.org/lts/security/ Sven Eckelmann May 07, 2022 https://wiki.debian.org/LTS -...

10CVSS8.6AI score0.01038EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/07 12:0 a.m.33 views

Debian DLA-2997-1 : ecdsautils - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2997 advisory. In ecdsautils, a collection of ECDSA elliptic curve cryptography command line tools, an improper verification of cryptographic signatures was detected. A signature consisti...

10CVSS7.9AI score0.01038EPSS
Exploits0References5
Circl
Circl
added 2022/05/06 7:22 a.m.7 views

CVE-2022-24884

creationtimestamp| type| source ---|---|--- 2022-05-06 07:22:18+00:00| seen| https://t.me/cibsecurity/42090...

10CVSS8.3AI score0.01038EPSS
Exploits0References1
OSV
OSV
added 2022/05/06 12:15 a.m.2 views

DEBIAN-CVE-2022-24884

ecdsautils is a tiny collection of programs used for ECDSA keygen, sign, verify. ecdsaverifypreparelegacy does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References1
OSV
OSV
added 2022/05/06 12:15 a.m.2 views

UBUNTU-CVE-2022-24884

ecdsautils is a tiny collection of programs used for ECDSA keygen, sign, verify. ecdsaverifypreparelegacy does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple...

10CVSS7.2AI score0.01038EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2022/05/05 11:50 p.m.4 views

CVE-2022-24884 Trivial signature forgery in ecdsautils

ecdsautils is a tiny collection of programs used for ECDSA keygen, sign, verify. ecdsaverifypreparelegacy does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple...

10CVSS9.5AI score0.01038EPSS
Exploits0References8
CVE
CVE
added 2022/05/05 11:50 p.m.110 views

CVE-2022-24884

CVE-2022-24884 affects ecdsautils, the ECDSA utilities library and CLI. The flaw is in ecdsautils’ signature verification: ecdsa_verify_[prepare_]legacy() does not reject zero-valued r or s, causing signatures comprised entirely of zeros to be deemed valid. Consequently, forged signatures can byp...

10CVSS7.6AI score0.01038EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder