6 matches found
CVE-2014-4191
The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...
CVE-2014-4193
The TLS implementation in EMC RSA BSAFE-Java Toolkits aka Share for Java supports the Extended Random extension during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by requesting long nonces from a server, a different issue than...
Default configuration
The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager DPM 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation DualECDRBG algorithm, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging...
Code injection
The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...
Debian Security Advisory DSA 2833-1 (openssl - several vulnerabilities)
Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this update disables the insecure DualECDRBG algorithm which was unused anyway, see...
DSA-2833-1 openssl - several
Bulletin has no description...