Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2015-4000)
Summary: The Logjam attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects the IBM Flex System Manager (FSM) SMIA Configuration Tool, also known as Network Advisor. Vulnerability Details: ...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Systems Director (CVE-2015-4000)
Summary: The Logjam attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Systems Director. Vulnerability Details: ...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Fabric Manager (IFM)
Summary: There are multiple vulnerabilities in IBM® SDK, Java™ Technology Edition, Version 7, which is used by IBM Fabric Manager (IFM). These issues were disclosed as part of the IBM Java SDK updates in July 2015 and April 2015. This bulletin also addresses the Logjam attack on TLS connections using...
A vulnerability in the OpenSSL library, caused by errors in processing cryptographic keys when the DH(E) protocol is used, allows an attacker to cause a denial of service.
The vulnerability in the OpenSSL library is related to errors in the processing of cryptographic keys when the DH(E) protocol is used. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Weak Diffie-Hellman Handshake Due To Truncated Secret Length
libssh2 is vulnerable to weak handshakes. The vulnerability occurs because the diffie_hellman_sha256 function in kex.c in libssh2 generates a secret key of 128 or 256 bits instead of 1023 or 2047 bits, allowing attackers to intercept or decrypt SSH sessions via a bits/bytes confusion bug...
Debian DSA-4355-1 : openssl1.0 - security update
Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. © Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4355...
Debian: Security Advisory (DSA-4355-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright © by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Debian DSA-4348-1 : openssl - security update
Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. © Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4348...
[SECURITY] [DSA 4348-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4348-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 30, 2018 https://www.debian.org/security/faq -...
CVE-2018-15769
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 in the 4.0.x series and versions prior to 4.1.6.2 in the 4.1.x series contain a key management error issue. A malicious TLS server could potentially cause a Denial of Service (DoS) on TLS clients during the handshake when a very large prime value is se...
openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang
During key agreement in a TLS handshake using a DHE-based ciphersuite, a malicious server can send a very large prime value to the client. This causes the client to spend an unreasonably long time generating a key for this prime, resulting in a hang until the client has finished. This...
GHSA-9GP4-QRFF-C648 Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
In the Bouncy Castle JCE Provider version 1.55 and earlier, the DHIES/ECIES CBC mode is vulnerable to a padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...
GHSA-2J2X-HX4G-2GF4 In Bouncy Castle JCE Provider the DHIES implementation allowed the use of ECB mode
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...
GHSA-FJQM-246C-MWQG In Bouncy Castle JCE Provider the other party DH public key is not fully validated
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...
bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack
In the Bouncy Castle JCE Provider version 1.55 and earlier, the DHIES/ECIES CBC mode is vulnerable to a padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...
bouncycastle: Other party DH public keys are not fully validated
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...
bouncycastle: DHIES implementation allowed the use of ECB mode
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider...
openssl: BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed...