The ROBOT Attack - Return of Bleichenbacher's Oracle Threat
Plaintext recovery of encrypted messages or a man-in-the-middle (MITM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key...
CVE-2018-7559
The CVE-2018-7559 issue affects OPC UA .NET Standard/Legacy Stack and Sample Code, where remote attackers can determine a server’s private key by sending specially crafted bad UserIdentityTokens as part of an oracle attack. Public details reference GitHub commits before 2018-04-12 (Standard) and ...
CVE-2014-3591
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 do not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...