1009 matches found
CVE-2014-5270
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
Code injection
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
CVE-2014-5270
Libgcrypt prior to 1.5.4, used in GnuPG and other products, has a weakness in ciphertext normalization and ciphertext randomization. This side-channel condition could allow physically proximate attackers to perform key-extraction attacks by collecting voltage data from exposed metal. The CVE entr...
CVE-2014-5270
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
CVE-2014-5270
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
Mandriva Linux Security Advisory : libgcrypt (MDVSA-2014:176)
Updated libgcrypt packages fix security vulnerability : The libgcrypt library before version 1.5.4 is vulnerable to an ELGAMAL side-channel attack CVE-2014-5270. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriv...
MGASA-2014-0365 Updated libgcrypt packages fix CVE-2014-5270
Updated libgcrypt packages fix security vulnerability: The libgcrypt library before version 1.5.4 is vulnerable to an ELGAMAL side-channel attack CVE-2014-5270...
Updated libgcrypt packages fix CVE-2014-5270
Updated libgcrypt packages fix security vulnerability: The libgcrypt library before version 1.5.4 is vulnerable to an ELGAMAL side-channel attack CVE-2014-5270...
Ubuntu 14.04 LTS : Libgcrypt vulnerability (USN-2339-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2339-2 advisory. Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local...
SuSE 11.3 Security Update : libgcrypt (SAT Patch Number 9646)
This libgcrypt update fixes the following security issue : - Side-channel attack on Elgamal encryption subkeys. CVE-2014-5270. bnc892464 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The...
GLSA-201408-10 : Libgcrypt: Side-channel attack
The remote host is affected by the vulnerability described in GLSA-201408-10 Libgcrypt: Side-channel attack A vulnerability in the implementation of ElGamal decryption procedures of Libgcrypt leaks information to various side-channels. Impact : A physical side-channel attack allows a remote...
Libgcrypt: Side-channel attack
Background Libgcrypt is a general purpose cryptographic library derived out of GnuPG. Description A vulnerability in the implementation of ElGamal decryption procedures of Libgcrypt leaks information to various side-channels. Impact A physical side-channel attack allows a remote attacker to fully...
openSUSE Security Update : libgcrypt (openSUSE-SU-2014:1058-1)
libgcrypt was updated to 1.5.4 to prevent a side-channel attack on Elgamal encryption subkeys. Besides that the following issues were resolved : - Improved performance of RSA, DSA, and Elgamal by using a new exponentiation algorithm. - Fixed a subtle bug in mpisetbit which could set spurious bits...
UBUNTU-CVE-2014-5270
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
CVE-2014-5270
Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...
Fedora Update for mingw-libgcrypt FEDORA-2014-6851
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : xtrabackup (openSUSE-SU-2014:0245-1)
This update fixes the following security and non-security issues with xtrabackup : - update to 2.1.7 bnc860488 - general changes : - rebased on MySQL versions 5.5.35 and 5.6.15 - now uses libgcrypt randomization functions for setting the IV lp1255300 bnc852224 CVE-2013-6394 - bugs fixed : - After...
openSUSE Security Update : libgcrypt (openSUSE-SU-2013:1294-1)
libgcrypt was updated to 1.5.3 bnc831359 to fix a security issue, bugs and get some new features : Security issue fixed : - Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See . - contains changes from 1.5.2 - The upstream sources now contain the IDEA algorithm,...
[SECURITY] Fedora 19 Update: mingw-libgcrypt-1.5.3-1.fc19
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a Windows cross-compiled version of the library...
Fedora 19 : mingw-libgcrypt-1.5.3-1.fc19 (2014-6851)
Fix CVE-2013-4242 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...