Lucene search
1321 matches found

CVE
added 2018/08/01 1:00 p.m. · 123 views

CVE-2016-8635

CVE-2016-8635 describes a small subgroup confinement attack in the Diffie-Hellman client key exchange within NSS 3.21.x, enabling potential private-key recovery. Connected docs show NSS-related advisories affecting IBM PowerKVM (PowerKVM 2.1/3.1 lines; fixes via PowerKVM updates to 2.1.1.3-65 and...

CVSS 5.9 · AI score 6.3 · EPSS 0.02015
Exploits 0 · References 4 · Affected Software 1
Qualys Blog
added 2018/07/30 10:16 p.m. · 75 views

Security News: Bluetooth Bug Triggers Patch Frenzy, as Ransomware Attack Hits Global Shipper

A scary Bluetooth bug. A crippling ransomware attack. A cyber threat to the U.S. electrical grid. A data leak of trade secrets from major car makers such as Tesla and GM. These were some of the security industry news that caught our eye last week. Bluetooth vulnerability rattles vendors, end user...

AI score 6.5
Exploits 0
CERT
added 2018/07/23 12:00 a.m. · 585 views

Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange

Overview: Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. Description: CWE-325: Missi...

CVSS 8 · AI score 6.3 · EPSS 0.00802
Exploits 1 · References 3
OSV
added 2018/07/20 9:10 p.m. · 34 views

GHSA-RVJ9-8CVX-3VQ9 Invalid Curve Attack in node-jose

Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. Proof of Concept · Recommendation: Update to version 0.9.3 or later...

CVSS 5.9 · AI score 5.8 · EPSS 0.00928
Exploits 1 · References 7
Github Security Blog
added 2018/07/20 9:10 p.m. · 25 views

Invalid Curve Attack in node-jose

Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. Proof of Concept · Recommendation: Update to version 0.9.3 or later...

CVSS 5.9 · AI score 4.8 · EPSS 0.00928
Exploits 1 · References 7 · Affected Software 1
Positive Technologies
added 2018/07/16 12:00 a.m. · 6 views

PT-2018-3532 · Apple +6 · Ios +7

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 10.13; iOS versions prior to 11.4; Android versions prior to the 2018-06-05 patch. Description: The issue is related to incorrect validation of cryptographic signatures in Bluetooth drivers for Android, macOS, and iOS...

CVSS 10 · AI score 6.1 · EPSS 0.52199
Exploits 54 · References 292
OSV
added 2018/07/12 8:29 p.m. · 0 views

GHSA-6528-WVF6-F6QG Pycrypto generates weak key parameters

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data, i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman (DDH)...

CVSS 8.7 · AI score 7.2 · EPSS 0.0211
Exploits 1 · References 10
Github Security Blog
added 2018/07/12 8:29 p.m. · 82 views

Pycrypto generates weak key parameters

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data, i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman (DDH)...

CVSS 7.5 · AI score 3.7 · EPSS 0.0211
Exploits 1 · References 9 · Affected Software 1
RedHat Linux
added 2018/07/12 4:14 p.m. · 4 views

openssl: BN_mod_exp may produce incorrect results on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed...

CVSS 7.5 · AI score 6.7 · EPSS 0.25137
Exploits 1 · References 5
RedHat Linux
added 2018/07/12 4:14 p.m. · 2 views

openssl: bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

CVSS 6.5 · AI score 6.8 · EPSS 0.10133
Exploits 0 · References 5
IBM Security Bulletins
added 2018/07/10 8:34 a.m. · 42 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearCase (CVE-2015-4000)

Summary: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Rational ClearCase. Vulnerability Details: CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

CVSS 4.3 · AI score 0.8 · EPSS 0.9986
Exploits 0 · Affected Software 1
Tenable Nessus
added 2018/07/09 12:00 a.m. · 45 views

Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338: DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

CVSS 7.5 · AI score 6.3 · EPSS 0.03174
Exploits 0 · References 9
IBM Security Bulletins
added 2018/06/23 4:04 a.m. · 26 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Business Compass (CVE-2015-4000)

Summary: The LogJam Attack on Diffie-Hellman ciphers (CVE-2015-4000) may affect some configurations of IBM WebSphere Application Server Full Profile that is shipped as a component of WebSphere Business Compass. The IBM HTTP Server used by WebSphere Application Server is not affected. Vulnerability...

CVSS 4.3 · AI score 0.5 · EPSS 0.9986
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2018/06/18 1:30 a.m. · 30 views

Security Bulletin: A vulnerability in libssh2 affects PowerKVM (CVE-2016-0787)

Summary: PowerKVM is affected by a vulnerability in libssh2. This vulnerability is now fixed. Vulnerability Details: CVEID: CVE-2016-0787 DESCRIPTION: libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the generation of a...

CVSS 5.9 · AI score 0.4 · EPSS 0.02697
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2018/06/18 1:30 a.m. · 32 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL including Logjam affect IBM Flex System Manager (FSM)

Summary: OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes the Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by FSM. FSM has addressed the applicable CVEs. Vulnerability Details: CVEID:...

CVSS 7.5 · AI score 1.2 · EPSS 0.9986
Exploits 2 · Affected Software 1
IBM Security Bulletins
added 2018/06/18 1:28 a.m. · 57 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects PowerKVM (CVE-2015-4000)

Summary: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects PowerKVM. Vulnerability Details: CVE Information: copy/paste-able; will update after page submission. Provided by system to make it easy to cut and paste data. CVEID: CVE-2015-4000 DESCRIPTION: T...

CVSS 4.3 · AI score 0.4 · EPSS 0.9986
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2018/06/18 12:09 a.m. · 22 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Real-time Compression Appliance (CVE-2015-4000)

Summary: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Real-time Compression Appliance. Vulnerability Details: CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...

CVSS 4.3 · AI score 2.4 · EPSS 0.9986
Exploits 0 · Affected Software 1