Man-In-The-Middle Proof-Of-Concept Via Krontiris' Ephemeral Diffie-Hellman over COSE (EDHOC) in C

This report presents some technical details on the authentication process of a lightweight key exchange protocol, paying attention on how Man-in-the-Middle MitM attacks could undermine its security, e.g., under the scope of lawful interception and its risk to facilitate mass surveillance. We focu...

CVE-2020-5929

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous ADH or Ephemeral DHE Diffie-Hellman key exchange and Single DH use option not enable...

PT-2020-18827 · F5 · F5 Big-Ip

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 11.6.1 through 11.6.2 F5 BIG-IP versions 12.1.0 through 12.1.2 HF1 F5 BIG-IP versions 13.0.0 through 13.0.0 HF2 Description: The issue affects F5 BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, where a...

CVE-2018-15769

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 in 4.0.x series and versions prior to 4.1.6.2 in 4.1.x series contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service DoS on TLS clients during the handshake when a very large prime value is se...

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible when the client authentication and ephemeral Diffie-Hellman ciphersuite are enabled. They can be triggered through the use of a ClientKeyExchange with a length of zero...

BSA-2015-1935

Security Advisory ID : BSA-2015-1935 Component : TLS protocol 1.2 Revision : 5.0 The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct...

PT-2015-1688 · Openssl +1 · Openssl +3

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.2 through 1.0.2a excluding 1.0.2a Description: The issue allows remote attackers to cause a denial of service daemon crash via a ClientKeyExchange message with a length of zero, when client authentication and an ephemeral...

NSS: insecure Diffie-Hellman key exchange

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral DHE mode, which makes it easier for remote attackers to defeat...