ID CVE-2013-2566
Summary The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
References
Vulnerable Configurations
  • Oracle Sparc-OPL Service Processor 1121
    cpe:2.3:a:oracle:sparc-opl_service_processor:1121
  • IBM WebSphere Application Server
    cpe:2.3:a:ibm:websphere_application_server
  • cpe:2.3:a:jboss:jboss_enterprise_application_server
    cpe:2.3:a:jboss:jboss_enterprise_application_server
  • cpe:2.3:a:microsoft:iis
    cpe:2.3:a:microsoft:iis
  • Oracle GlassFish
    cpe:2.3:a:oracle:glassfish
  • cpe:2.3:a:sun:glassfish_enterprise_server
    cpe:2.3:a:sun:glassfish_enterprise_server
  • Apple Safari
    cpe:2.3:a:apple:safari
  • cpe:2.3:a:google:chrome
    cpe:2.3:a:google:chrome
  • Microsoft Internet Explorer
    cpe:2.3:a:microsoft:ie
  • Mozilla Firefox
    cpe:2.3:a:mozilla:firefox
  • cpe:2.3:a:opera:opera_browser
    cpe:2.3:a:opera:opera_browser
CVSS
Base: 4.3 (as of 25-04-2016 - 14:16)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2031-1.NASL
    description Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. (CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5607). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 71021
    published 2013-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71021
    title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2031-1)
  • NASL family General
    NASL id PCI_RC4_SUPPORTED.NASL
    description At least one of the SSL or TLS services on the remote host supports the use of RC4 for encryption. RC4 does not meet the PCI definition of strong cryptography as defined by NIST Special Publication 800-57 Part 1. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness. If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 106458
    published 2018-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106458
    title SSL/TLS Services Support RC4 (PCI DSS)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201504-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201504-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, spoof the address bar, conduct clickjacking attacks, bypass security restrictions and protection mechanisms, or have other unspecified impact. Workaround : There are no known workarounds at this time.
    last seen 2019-02-21
    modified 2016-11-11
    plugin id 82632
    published 2015-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82632
    title GLSA-201504-01 : Mozilla Products: Multiple vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2032-1.NASL
    description Multiple security issues were discovered in Thunderbird. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. (CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5607). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 71036
    published 2013-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71036
    title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2032-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201406-19.NASL
    description The remote host is affected by the vulnerability described in GLSA-201406-19 (Mozilla Network Security Service: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Mozilla Network Security Service. Please review the CVE identifiers referenced below for more details about the vulnerabilities. Impact : A remote attacker can cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-13
    plugin id 76178
    published 2014-06-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76178
    title GLSA-201406-19 : Mozilla Network Security Service: Multiple vulnerabilities
  • NASL family General
    NASL id SSL_RC4_SUPPORTED_CIPHERS.NASL
    description The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness. If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 65821
    published 2013-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65821
    title SSL RC4 Cipher Suites Supported (Bar Mitzvah)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL14638.NASL
    description The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. (CVE-2013-2566) Impact Remote attackers may be able to conduct plaintext-recovery attacks using statistical analysis of ciphertext.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78155
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78155
    title F5 Networks BIG-IP : TLS/SSL RC4 vulnerability (K14638)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-270.NASL
    description Multiple security issues was identified and fixed in mozilla NSPR and NSS : Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure (CVE-2013-1739). Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value (CVE-2013-1741). The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext (CVE-2013-2566). Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets (CVE-2013-5605). The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate (CVE-2013-5606). Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741 (CVE-2013-5607). The NSPR packages has been upgraded to the 4.10.2 version and the NSS packages has been upgraded to the 3.15.3 version which is unaffected by these security flaws. Additionally the rootcerts packages has been upgraded with the latest certdata.txt file as of 2013/11/11 from mozilla.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 70998
    published 2013-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70998
    title Mandriva Linux Security Advisory : nss (MDVSA-2013:270)
refmap via4
bid 58796
confirm
gentoo
  • GLSA-201406-19
  • GLSA-201504-01
hp
  • HPSBGN03324
  • SSRT102035
misc
ubuntu
  • USN-2031-1
  • USN-2032-1
Last major update 21-12-2016 - 21:59
Published 15-03-2013 - 17:55
Last modified 18-01-2018 - 13:18
Back to Top