Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-2883-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.7CVSS6.3AI score0.83645EPSS
Exploits1References2
Hacker One
Hacker One
added 2016/01/28 4:56 p.m.158 views

Internet Bug Bounty: OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)

Full write up: http://intothesymmetry.blogspot.ch/2016/01/openssl-key-recovery-attack-on-dh-small.html DH small subgroups CVE-2016-0701 ================================== Severity: High Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently in version...

2.6CVSS6AI score0.83645EPSS
Exploits1
OpenSSL
OpenSSL
added 2016/01/28 12:0 a.m.57 views

Vulnerability in OpenSSL - DH small subgroups

Historically OpenSSL usually only ever generated DH parameters based on “safe” primes. More recently in version 1.0.2 support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be “safe”. Where an application ...

5.5AI score0.83645EPSS
Exploits1Affected Software1
UbuntuCve
UbuntuCve
added 2016/01/28 12:0 a.m.40 views

CVE-2016-0701

The DHcheckpubkey function in crypto/dh/dhcheck.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman DH key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose...

3.7CVSS6.7AI score0.83645EPSS
Exploits1References3
Rows per page
Query Builder