37 matches found
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
GnuPG / libcrypt information leakage
ElGamal subkeys can be leaked via side-channel...
GnuTLS certificate verification security vulnerability found
GnuTLS, an open source SSL and TLS implementation used in hundreds of software packages including Red Hat desktop and server products and all Debian and Ubuntu Linux distributions, is the latest crypto package to improperly verify digital certificates as authentic. The vulnerability, discovered a...
gnupg / libcrypt RSA implementation flush+reload timing attack
Private key recovery by using CPU L3 cache timings...
Check Point response to "libcrypt 'crypt()' Password Encryption Weakness" (CVE-2012-2143)
...
FreeBSD Security Advisory FreeBSD-SA-12:02.crypt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...
FreeBSD-SA-12:02.crypt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...
CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSAverify and DSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
Input validation
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSAverify and DSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSAverify and DSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSAverify and DSAdoverify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077...
CVE-2009-0129
CVE-2009-0129 affects the Perl module libcrypt-openssl-dsa-perl, where return values from OpenSSL DSA_verify and DSA_do_verify are not properly checked. This can allow a remote attacker to bypass certificate-chain validation via a malformed SSL/TLS signature, as discussed in the vulnerability fam...
Debian Security Advisory DSA 996-1 (libcrypt-cbc-perl)
The remote host is missing an update to libcrypt-cbc-perl announced via advisory DSA 996-1. Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with blocksize 8 bytes. The old stable distribution woody does not contain a...
Debian: Security Advisory (DSA-996-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-996-1 : libcrypt-cbc-perl - programming error
Lincoln Stein discovered that the Perl Crypt::CBC module produces weak ciphertext when used with block encryption algorithms with blocksize 8 bytes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...