3 matches found
CVE-2014-4191
CVE-2014-4191 affects the EMC RSA BSAFE-C Toolkits TLS implementation (Share for C/C++) that uses Dual_EC_DRBG. The issue is caused by the TLS code sending a long series of random bytes during Dual_EC_DRBG usage, which enables an attacker to recover the algorithm’s inner state and potentially obt...
CVE-2014-4192
CVE-2014-4192 affects EMC RSA BSAFE-C Toolkits (Share for C/C++) Dual_EC_DRBG. The vulnerability arises from how output bytes are produced: the implementation uses the requested byte count without considering cached bytes, enabling recovery of the algorithm’s inner state and potential plaintext e...
CVE-2014-4193
CVE-2014-4193 concerns the TLS implementation in EMC RSA BSAFE-Java Toolkits (Share for Java) . The vulnerability arises from the TLS stack using the Extended Random extension while Dual_EC_DRBG is in use, which can allow an observer to recover enough state to obtain plaintext from TLS sessions b...