Lucene search
K

49 matches found

Amazon
Amazon
added 2013/09/19 12:0 a.m.41 views

Medium: gnupg

Issue Overview: GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Affected Packages: gnupg Issue Correction: Run yum update gnu...

1.9CVSS5.4AI score0.00533EPSS
Exploits0
NVD
NVD
added 2013/08/19 11:55 p.m.16 views

CVE-2013-4242

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload...

1.9CVSS6AI score0.00533EPSS
Exploits0References16
Prion
Prion
added 2013/08/19 11:55 p.m.36 views

Design/Logic Flaw

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload...

1.9CVSS6.4AI score0.00533EPSS
Exploits0References16Affected Software5
CVE
CVE
added 2013/08/19 11:0 p.m.144 views

CVE-2013-4242

CVE-2013-4242 affects GnuPG before 1.4.14 and Libgcrypt before 1.5.3 (as used in GnuPG 2.0.x), enabling a local user to obtain private RSA keys via a cache side-channel (Flush+Reload) on the L3 cache. The root cause is a cache side-channel leak in the RSA key handling within GnuPG/Libgcrypt. Docu...

1.9CVSS6AI score0.00533EPSS
Exploits0References16Affected Software1
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.15 views

Ubuntu Update for gnupg USN-1923-1

Check for the Version of gnupg OpenVAS Vulnerability Test $Id: gbubuntuUSN19231.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for gnupg USN-1923-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

1.9CVSS7.6AI score0.00533EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2013/08/01 1:45 a.m.58 views

USN-1923-1: GnuPG, Libgcrypt vulnerability

Yuval Yarom and Katrina Falkner discovered a timing-based information leak, known as Flush+Reload, that could be used to trace execution in programs. GnuPG and Libgcrypt followed different execution paths based on key-related data, which could be used to expose the contents of private keys...

1.9CVSS5.8AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/08/01 12:0 a.m.23 views

Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : gnupg, libgcrypt11 vulnerability (USN-1923-1)

Yuval Yarom and Katrina Falkner discovered a timing-based information leak, known as Flush+Reload, that could be used to trace execution in programs. GnuPG and Libgcrypt followed different execution paths based on key-related data, which could be used to expose the contents of private keys. Note...

1.9CVSS5.8AI score0.00533EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/26 12:0 a.m.18 views

FreeBSD : gnupg -- side channel attack on RSA secret keys (80771b89-f57b-11e2-bf21-b499baab0cbe)

A Yarom and Falkner paper reports : Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a sp...

5.7AI score
Exploits0References3
FreeBSD
FreeBSD
added 2013/07/18 12:0 a.m.17 views

gnupg -- side channel attack on RSA secret keys

A Yarom and Falkner paper reports: Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy...

3AI score
Exploits0References2
Rows per page
Query Builder