Lucene search
K

58 matches found

CVE
CVE
added 2019/12/06 5:20 p.m.549 views

CVE-2019-1551

CVE-2019-1551 refers to an overflow bug in the x64_64 Montgomery squaring procedure used in OpenSSL during exponentiation with 512-bit moduli. OpenSSL notes no impact to EC, while DH512 attacks are only just feasible under certain conditions. Public disclosures and advisories confirm the issue an...

5.3CVSS6AI score0.14298EPSS
Exploits0References24Affected Software1
Debian CVE
Debian CVE
added 2019/12/06 5:20 p.m.53 views

CVE-2019-1551

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.5AI score0.14298EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/08 5:1 p.m.43 views

CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

2.6CVSS2.4AI score0.14225EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.34 views

EulerOS Virtualization 2.5.0 : openssl (EulerOS-SA-2018-1339)

According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC...

6.5CVSS7.3AI score0.10133EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/03 12:0 a.m.259 views

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1179)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms...

6.5CVSS6.9AI score0.78675EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/05/11 12:0 a.m.137 views

Amazon Linux AMI : openssl (ALAS-2018-1016)

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...

6.5CVSS6.9AI score0.78675EPSS
Exploits1References4
FreeBSD Advisory
FreeBSD Advisory
added 2017/11/29 12:0 a.m.23 views

FreeBSD-SA-17:11.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-17:11.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2017-11-29 Affects: All...

6.5CVSS6.8AI score0.17699EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/11/06 12:0 a.m.343 views

OpenSSL 1.1.0 < 1.1.0g Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0g. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0g advisory. - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No E...

6.5CVSS6.7AI score0.17699EPSS
Exploits0References8
Slackware Linux
Slackware Linux
added 2017/11/03 6:24 a.m.61 views

[slackware-security] openssl

New openssl packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssl-1.0.2m-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: There is a carry propagating bug in the x64...

6.5CVSS7.7AI score0.10133EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/11/03 12:0 a.m.60 views

FreeBSD : OpenSSL -- Multiple vulnerabilities (f40f07aa-c00f-11e7-ac58-b499baebfeaf)

The OpenSSL project reports : bnsqrx8xinternal carry bug on x8664 CVE-2017-3736 Severity: Moderate There is a carry propagating bug in the x8664 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be ver...

6.5CVSS6.6AI score0.17699EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2017/11/02 5:0 p.m.52 views

CVE-2017-3736

There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

6.5CVSS6.6AI score0.10133EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/11/02 12:0 a.m.42 views

CVE-2017-3736

There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

6.5CVSS6.8AI score0.10133EPSS
Exploits0References3
OpenSSL
OpenSSL
added 2017/11/02 12:0 a.m.82 views

Vulnerability in OpenSSL - bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x8664 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible...

6.7AI score0.10133EPSS
Exploits0Affected Software1
NVD
NVD
added 2017/05/04 8:29 p.m.28 views

CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

5.9CVSS6.5AI score0.14225EPSS
Exploits1References15
Huawei
Huawei
added 2017/04/19 12:0 a.m.45 views

Security Advisory - OpenSSL Montgomery multiplication may produce incorrect results Vulnerability

The Broadwell-specific Montgomery multiplication procedure has a denial of service DoS vulnerability when handling input longer than 256 bits.Only EC algorithms that use Brainpool P-512 curves are affected. An attacker could exploit this vulnerability to cause DoS during ECDH key...

5.9CVSS6.7AI score0.14225EPSS
Exploits1Affected Software8
Tenable Nessus
Tenable Nessus
added 2017/02/06 12:0 a.m.54 views

F5 Networks BIG-IP : OpenSSL vulnerability (K43570545)

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

5.9CVSS7AI score0.14225EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/01/30 12:0 a.m.100 views

OpenSSL 1.1.0 < 1.1.0d Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.0d. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0d advisory. - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d...

7.5CVSS7.2AI score0.57595EPSS
Exploits6References10
OpenSSL
OpenSSL
added 2017/01/26 12:0 a.m.82 views

Vulnerability in OpenSSL - BN_mod_exp may produce incorrect results on x86_64

There is a carry propagating bug in the x8664 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible...

6.7AI score0.25137EPSS
Exploits1Affected Software1
Rows per page
Query Builder