CVE-2016-1494

The CVE-2016-1494 issue affects the Python-RSA library’s verify function prior to version 3.3, enabling a Bleichenbacher ’06 style attack to forge signatures with a small public exponent via crafted padding (BERserk). This can allow an attacker to spoof valid signatures for the affected RSA keys....

CVE-2016-1494

The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...

SUSE-SU-2016:0107-1 Security update for python-rsa

This update for python-rsa fixes the following security issue: CVE-2016-1494: Possible signature forgery via Bleichenbacher attack bsc960680...

MGASA-2016-0011 Updated python-rsa packages fix security vulnerability

A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 CVE-2016-1494...

py-rsa -- Bleichenbacher'06 signature forgery vulnerability

Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with low public exponent...