ID CVE-2018-0495
Summary Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
References
Vulnerable Configurations
  • GnuPG Libgcrypt 0.1.0
    cpe:2.3:a:gnupg:libgcrypt:0.1.0
  • GnuPG Libgcrypt 0.2.0
    cpe:2.3:a:gnupg:libgcrypt:0.2.0
  • GnuPG Libgcrypt 0.2.6
    cpe:2.3:a:gnupg:libgcrypt:0.2.6
  • GnuPG Libgcrypt 0.2.8
    cpe:2.3:a:gnupg:libgcrypt:0.2.8
  • GnuPG Libgcrypt 0.2.10
    cpe:2.3:a:gnupg:libgcrypt:0.2.10
  • GnuPG Libgcrypt 0.2.15
    cpe:2.3:a:gnupg:libgcrypt:0.2.15
  • GnuPG Libgcrypt 0.2.17
    cpe:2.3:a:gnupg:libgcrypt:0.2.17
  • GnuPG Libgcrypt 0.2.18
    cpe:2.3:a:gnupg:libgcrypt:0.2.18
  • GnuPG Libgcrypt 0.2.19
    cpe:2.3:a:gnupg:libgcrypt:0.2.19
  • GnuPG Libgcrypt 0.3.0
    cpe:2.3:a:gnupg:libgcrypt:0.3.0
  • GnuPG Libgcrypt 0.3.1
    cpe:2.3:a:gnupg:libgcrypt:0.3.1
  • GnuPG Libgcrypt 0.3.2
    cpe:2.3:a:gnupg:libgcrypt:0.3.2
  • GnuPG Libgcrypt 0.3.3
    cpe:2.3:a:gnupg:libgcrypt:0.3.3
  • GnuPG Libgcrypt 0.3.4
    cpe:2.3:a:gnupg:libgcrypt:0.3.4
  • GnuPG Libgcrypt 0.3.5
    cpe:2.3:a:gnupg:libgcrypt:0.3.5
  • GnuPG Libgcrypt 0.4.0
    cpe:2.3:a:gnupg:libgcrypt:0.4.0
  • GnuPG Libgcrypt 0.4.1
    cpe:2.3:a:gnupg:libgcrypt:0.4.1
  • GnuPG Libgcrypt 0.4.2
    cpe:2.3:a:gnupg:libgcrypt:0.4.2
  • GnuPG Libgcrypt 0.4.3
    cpe:2.3:a:gnupg:libgcrypt:0.4.3
  • GnuPG Libgcrypt 0.4.4
    cpe:2.3:a:gnupg:libgcrypt:0.4.4
  • GnuPG Libgcrypt 0.4.5
    cpe:2.3:a:gnupg:libgcrypt:0.4.5
  • GnuPG Libgcrypt 0.9.0
    cpe:2.3:a:gnupg:libgcrypt:0.9.0
  • GnuPG Libgcrypt 0.9.1
    cpe:2.3:a:gnupg:libgcrypt:0.9.1
  • GnuPG Libgcrypt 0.9.2
    cpe:2.3:a:gnupg:libgcrypt:0.9.2
  • GnuPG Libgcrypt 0.9.3
    cpe:2.3:a:gnupg:libgcrypt:0.9.3
  • GnuPG Libgcrypt 0.9.4
    cpe:2.3:a:gnupg:libgcrypt:0.9.4
  • GnuPG Libgcrypt 0.9.5
    cpe:2.3:a:gnupg:libgcrypt:0.9.5
  • GnuPG Libgcrypt 0.9.6
    cpe:2.3:a:gnupg:libgcrypt:0.9.6
  • GnuPG Libgcrypt 0.9.7
    cpe:2.3:a:gnupg:libgcrypt:0.9.7
  • GnuPG Libgcrypt 0.9.8
    cpe:2.3:a:gnupg:libgcrypt:0.9.8
  • GnuPG Libgcrypt 0.9.9
    cpe:2.3:a:gnupg:libgcrypt:0.9.9
  • GnuPG Libgcrypt 0.9.10
    cpe:2.3:a:gnupg:libgcrypt:0.9.10
  • GnuPG Libgcrypt 0.9.11
    cpe:2.3:a:gnupg:libgcrypt:0.9.11
  • GnuPG Libgcrypt 1.0.0
    cpe:2.3:a:gnupg:libgcrypt:1.0.0
  • GnuPG Libgcrypt 1.0.1
    cpe:2.3:a:gnupg:libgcrypt:1.0.1
  • GnuPG Libgcrypt 1.0.2
    cpe:2.3:a:gnupg:libgcrypt:1.0.2
  • GnuPG Libgcrypt 1.0.3
    cpe:2.3:a:gnupg:libgcrypt:1.0.3
  • GnuPG Libgcrypt 1.0.4
    cpe:2.3:a:gnupg:libgcrypt:1.0.4
  • GnuPG Libgcrypt 1.1.0
    cpe:2.3:a:gnupg:libgcrypt:1.1.0
  • GnuPG Libgcrypt 1.1.2
    cpe:2.3:a:gnupg:libgcrypt:1.1.2
  • GnuPG Libgcrypt 1.1.3
    cpe:2.3:a:gnupg:libgcrypt:1.1.3
  • GnuPG Libgcrypt 1.1.4
    cpe:2.3:a:gnupg:libgcrypt:1.1.4
  • GnuPG Libgcrypt 1.1.5
    cpe:2.3:a:gnupg:libgcrypt:1.1.5
  • GnuPG Libgcrypt 1.1.6
    cpe:2.3:a:gnupg:libgcrypt:1.1.6
  • GnuPG Libgcrypt 1.1.7
    cpe:2.3:a:gnupg:libgcrypt:1.1.7
  • GnuPG Libgcrypt 1.1.8
    cpe:2.3:a:gnupg:libgcrypt:1.1.8
  • GnuPG Libgcrypt 1.1.9
    cpe:2.3:a:gnupg:libgcrypt:1.1.9
  • GnuPG Libgcrypt 1.1.10
    cpe:2.3:a:gnupg:libgcrypt:1.1.10
  • GnuPG Libgcrypt 1.1.11
    cpe:2.3:a:gnupg:libgcrypt:1.1.11
  • GnuPG Libgcrypt 1.1.12
    cpe:2.3:a:gnupg:libgcrypt:1.1.12
  • GnuPG Libgcrypt 1.1.42
    cpe:2.3:a:gnupg:libgcrypt:1.1.42
  • GnuPG Libgcrypt 1.1.43
    cpe:2.3:a:gnupg:libgcrypt:1.1.43
  • GnuPG Libgcrypt 1.1.44
    cpe:2.3:a:gnupg:libgcrypt:1.1.44
  • GnuPG Libgcrypt 1.1.90
    cpe:2.3:a:gnupg:libgcrypt:1.1.90
  • GnuPG Libgcrypt 1.1.91
    cpe:2.3:a:gnupg:libgcrypt:1.1.91
  • GnuPG Libgcrypt 1.1.92
    cpe:2.3:a:gnupg:libgcrypt:1.1.92
  • GnuPG Libgcrypt 1.1.93
    cpe:2.3:a:gnupg:libgcrypt:1.1.93
  • GnuPG Libgcrypt 1.1.94
    cpe:2.3:a:gnupg:libgcrypt:1.1.94
  • GnuPG Libgcrypt 1.2.0
    cpe:2.3:a:gnupg:libgcrypt:1.2.0
  • GnuPG Libgcrypt 1.2.1
    cpe:2.3:a:gnupg:libgcrypt:1.2.1
  • GnuPG Libgcrypt 1.2.2
    cpe:2.3:a:gnupg:libgcrypt:1.2.2
  • GnuPG Libgcrypt 1.2.3
    cpe:2.3:a:gnupg:libgcrypt:1.2.3
  • GnuPG Libgcrypt 1.2.4
    cpe:2.3:a:gnupg:libgcrypt:1.2.4
  • GnuPG Libgcrypt 1.3.0
    cpe:2.3:a:gnupg:libgcrypt:1.3.0
  • GnuPG Libgcrypt 1.3.1
    cpe:2.3:a:gnupg:libgcrypt:1.3.1
  • GnuPG Libgcrypt 1.3.2
    cpe:2.3:a:gnupg:libgcrypt:1.3.2
  • GnuPG Libgcrypt 1.4.0
    cpe:2.3:a:gnupg:libgcrypt:1.4.0
  • GnuPG Libgcrypt 1.4.1
    cpe:2.3:a:gnupg:libgcrypt:1.4.1
  • GnuPG Libgcrypt 1.4.1 Release Candidate 1
    cpe:2.3:a:gnupg:libgcrypt:1.4.1:rc1
  • GnuPG Libgcrypt 1.4.2
    cpe:2.3:a:gnupg:libgcrypt:1.4.2
  • GnuPG Libgcrypt 1.4.2 Release Candidate 1
    cpe:2.3:a:gnupg:libgcrypt:1.4.2:rc1
  • GnuPG Libgcrypt 1.4.2 Release Candidate 2
    cpe:2.3:a:gnupg:libgcrypt:1.4.2:rc2
  • GnuPG Libgcrypt 1.4.3
    cpe:2.3:a:gnupg:libgcrypt:1.4.3
  • GnuPG Libgcrypt 1.4.4
    cpe:2.3:a:gnupg:libgcrypt:1.4.4
  • GnuPG Libgcrypt 1.4.5
    cpe:2.3:a:gnupg:libgcrypt:1.4.5
  • GnuPG Libgcrypt 1.4.6
    cpe:2.3:a:gnupg:libgcrypt:1.4.6
  • GnuPG Libgcrypt 1.5.0
    cpe:2.3:a:gnupg:libgcrypt:1.5.0
  • GnuPG Libgcrypt 1.5.0 Beta1
    cpe:2.3:a:gnupg:libgcrypt:1.5.0:beta1
  • GnuPG Libgcrypt 1.5.1
    cpe:2.3:a:gnupg:libgcrypt:1.5.1
  • GnuPG Libgcrypt 1.5.2
    cpe:2.3:a:gnupg:libgcrypt:1.5.2
  • GnuPG Libgcrypt 1.5.3
    cpe:2.3:a:gnupg:libgcrypt:1.5.3
  • GnuPG Libgcrypt 1.5.4
    cpe:2.3:a:gnupg:libgcrypt:1.5.4
  • GnuPG Libgcrypt 1.5.5
    cpe:2.3:a:gnupg:libgcrypt:1.5.5
  • GnuPG Libgcrypt 1.5.6
    cpe:2.3:a:gnupg:libgcrypt:1.5.6
  • GnuPG (Privacy Guard) Libgcrypt 1.6.0
    cpe:2.3:a:gnupg:libgcrypt:1.6.0
  • GnuPG (Privacy Guard) Libgcrypt 1.6.1
    cpe:2.3:a:gnupg:libgcrypt:1.6.1
  • GnuPG (Privacy Guard) Libgcrypt 1.6.2
    cpe:2.3:a:gnupg:libgcrypt:1.6.2
  • GnuPG (Privacy Guard) Libgcrypt 1.6.3
    cpe:2.3:a:gnupg:libgcrypt:1.6.3
  • GnuPG Libgcrypt 1.6.4
    cpe:2.3:a:gnupg:libgcrypt:1.6.4
  • GnuPG (Privacy Guard) Libgcrypt 1.6.5
    cpe:2.3:a:gnupg:libgcrypt:1.6.5
  • GnuPG Libgcrypt 1.6.6
    cpe:2.3:a:gnupg:libgcrypt:1.6.6
  • GnuPG (Privacy Guard) Libgcrypt 1.7.0
    cpe:2.3:a:gnupg:libgcrypt:1.7.0
  • GnuPG (Privacy Guard) Libgcrypt 1.7.1
    cpe:2.3:a:gnupg:libgcrypt:1.7.1
  • GnuPG (Privacy Guard) Libgcrypt 1.7.2
    cpe:2.3:a:gnupg:libgcrypt:1.7.2
  • GnuPG Libgcrypt 1.7.3
    cpe:2.3:a:gnupg:libgcrypt:1.7.3
  • GnuPG Libgcrypt 1.7.4
    cpe:2.3:a:gnupg:libgcrypt:1.7.4
  • GnuPG Libgcrypt 1.7.5
    cpe:2.3:a:gnupg:libgcrypt:1.7.5
  • GnuPG Libgcrypt 1.7.6
    cpe:2.3:a:gnupg:libgcrypt:1.7.6
  • GnuPG Libgcrypt 1.7.7
    cpe:2.3:a:gnupg:libgcrypt:1.7.7
  • GnuPG Libgcrypt 1.7.8
    cpe:2.3:a:gnupg:libgcrypt:1.7.8
  • GnuPG Libgcrypt 1.7.9
    cpe:2.3:a:gnupg:libgcrypt:1.7.9
  • GnuPG Libgcrypt 1.8.0
    cpe:2.3:a:gnupg:libgcrypt:1.8.0
  • GnuPG Libgcrypt 1.8.1
    cpe:2.3:a:gnupg:libgcrypt:1.8.1
  • GnuPG Libgcrypt 1.8.2
    cpe:2.3:a:gnupg:libgcrypt:1.8.2
  • Canonical Ubuntu Linux 12.04 ESM (Extended Security Maintenance)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 17.10
    cpe:2.3:o:canonical:ubuntu_linux:17.10
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
CVSS
Base: 1.9
Impact:
Exploitability:
CWE CWE-200
CAPEC
  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a program's vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of JavaScript to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via JavaScript as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in JavaScript and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
  • Reusing Session IDs (aka Session Replay)
    This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.
  • Using Slashes in Alternate Encoding
    This attack targets the encoding of the slash characters. An attacker would try to exploit common filtering problems related to the use of the slash characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) choose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The schizophrenic result is that many MS-based systems are required to understand both forms of the slash. This gives the attacker many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.
nessus via4
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0091_LIBGCRYPT.NASL
    description An update of the libgcrypt package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121992
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121992
    title Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-98AB6B4E56.NASL
    description Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels. - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size. - Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1) - Add base32 encoding/decoding - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-04
    plugin id 111016
    published 2018-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111016
    title Fedora 27 : botan2 (2018-98ab6b4e56)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-EAA7DE17AE.NASL
    description Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels. - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size. - Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1) - Add base32 encoding/decoding - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120879
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120879
    title Fedora 28 : botan2 (2018-eaa7de17ae)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-3221.NASL
    description An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 118998
    published 2018-11-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118998
    title CentOS 7 : openssl (CESA-2018:3221)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2019-1009.NASL
    description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 120997
    published 2019-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120997
    title EulerOS 2.0 SP5 : openssl (EulerOS-SA-2019-1009)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-1102.NASL
    description During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.(CVE-2018-0732) Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495) Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe.(CVE-2018-0739) While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006.(CVE-2017-3735)
    last seen 2019-02-21
    modified 2018-11-09
    plugin id 118833
    published 2018-11-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118833
    title Amazon Linux 2 : openssl (ALAS-2018-1102)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1420.NASL
    description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 119909
    published 2018-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119909
    title EulerOS 2.0 SP2 : openssl (EulerOS-SA-2018-1420)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1392.NASL
    description According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-10
    plugin id 119520
    published 2018-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119520
    title EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1392)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-1102.NASL
    description Libgcrypt allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.(CVE-2018-0495) While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006.(CVE-2017-3735) Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe.(CVE-2018-0739)
    last seen 2019-02-21
    modified 2018-12-07
    plugin id 119464
    published 2018-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119464
    title Amazon Linux AMI : openssl (ALAS-2018-1102)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0091.NASL
    description An update of 'libgcrypt', 'libsoup' packages of Photon OS has been released.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 117397
    published 2018-09-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117397
    title Photon OS 2.0: Libgcrypt / Libsoup PHSA-2018-2.0-0091 (deprecated)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0182.NASL
    description An update of 'libsoup', 'libgcrypt' packages of Photon OS has been released.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 117396
    published 2018-09-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117396
    title Photon OS 1.0: Libgcrypt / Libsoup PHSA-2018-1.0-0182 (deprecated)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3692-1.NASL
    description Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495) Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. (CVE-2018-0732) Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. (CVE-2018-0737). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 110721
    published 2018-06-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110721
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : openssl, openssl1.0 vulnerabilities (USN-3692-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-3221.NASL
    description From Red Hat Security Advisory 2018:3221 : An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-11-07
    plugin id 118777
    published 2018-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118777
    title Oracle Linux 7 : openssl (ELSA-2018-3221)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-4236-1.NASL
    description This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in MozillaFirefox : Update to Firefox ESR 60.4 (bsc#1119105) CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 CVE-2018-18492: Fixed a use-after-free with select element CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs CVE-2018-18498: Fixed a integer overflow when calculating buffer sizes for images CVE-2018-12405: Fixed a few memory safety bugs Issues fixed in mozilla-nss: Update to NSS 3.40.1 (bsc#1119105) CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069) CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873) CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410) Fixed a decryption failure during FFDHE key exchange Various security fixes in the ASN.1 code Issues fixed in mozilla-nspr: Update mozilla-nspr to 4.20 (bsc#1119105) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 119871
    published 2018-12-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119871
    title SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nspr / mozilla-nss (SUSE-SU-2018:4236-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2019-A8FFCFF7EE.NASL
    description Minor update to version 1.1.1a with bug fixes and low impact security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-30
    plugin id 121239
    published 2019-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121239
    title Fedora 29 : 1:openssl (2019-a8ffcff7ee)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3850-1.NASL
    description Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495) It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. (CVE-2018-12384) It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. (CVE-2018-12404). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121062
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121062
    title Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : nss vulnerabilities (USN-3850-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-769.NASL
    description This update for libgcrypt fixes the following issue : The following security issue was fixed : - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures (bsc#1097410) This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-02-21
    modified 2018-09-06
    plugin id 111421
    published 2018-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111421
    title openSUSE Security Update : libgcrypt (openSUSE-2018-769)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4231.NASL
    description It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 110572
    published 2018-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110572
    title Debian DSA-4231-1 : libgcrypt20 - security update
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-164-01.NASL
    description New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue.
    last seen 2019-02-21
    modified 2018-09-06
    plugin id 110528
    published 2018-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110528
    title Slackware 14.2 / current : libgcrypt (SSA:2018-164-01)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-6788454AB6.NASL
    description Minor security update to version 1.8.3 from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 110575
    published 2018-06-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110575
    title Fedora 27 : libgcrypt (2018-6788454ab6)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1618.NASL
    description This update for mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in mozilla-nss : - Update to NSS 3.40.1 (bsc#1119105) - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069) - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873) - CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410) - Fixed a decryption failure during FFDHE key exchange - Various security fixes in the ASN.1 code Issues fixed in mozilla-nspr : - Update mozilla-nspr to 4.20 (bsc#1119105) This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 119948
    published 2018-12-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119948
    title openSUSE Security Update : mozilla-nspr and mozilla-nss (openSUSE-2018-1618)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-2089-1.NASL
    description This update for libgcrypt fixes the following issues: The following security vulnerability was addressed : - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410). The following other issues were fixed : - Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 111439
    published 2018-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111439
    title SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2089-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3689-1.NASL
    description Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 110623
    published 2018-06-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110623
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libgcrypt11, libgcrypt20 vulnerability (USN-3689-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20181030_OPENSSL_ON_SL7_X.NASL
    description Security Fix(es) : - openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) - openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) - openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) - openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) - openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 119194
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119194
    title Scientific Linux Security Update : openssl on SL7.x x86_64
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_9B5162DE6F3911E8818EE8E0B747A45A.NASL
    description GnuPG reports : Mitigate a local side-channel attack on ECDSA signature as described in the white paper 'Return on the Hidden Number Problem'.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 110521
    published 2018-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110521
    title FreeBSD : libgcrypt -- side-channel attack vulnerability (9b5162de-6f39-11e8-818e-e8e0b747a45a)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-1993-1.NASL
    description This update for libgcrypt fixes the following issue: The following security issue was fixed : - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures (bsc#1097410) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 120054
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120054
    title SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2018:1993-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-1EA5BEB4CF.NASL
    description Minor security update to version 1.8.3 from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120278
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120278
    title Fedora 28 : libgcrypt (2018-1ea5beb4cf)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0182_LIBGCRYPT.NASL
    description An update of the libgcrypt package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121886
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121886
    title Photon OS 1.0: Libgcrypt PHSA-2018-1.0-0182
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3221.NASL
    description An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es) : * openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495) * openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732) * openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739) * openssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735) * openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 118534
    published 2018-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118534
    title RHEL 7 : openssl (RHSA-2018:3221)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-4235-1.NASL
    description This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues : Issues fixed in MozillaFirefox : Update to Firefox ESR 60.4 (bsc#1119105) CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 CVE-2018-18492: Fixed a use-after-free with select element CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs CVE-2018-18498: Fixed an integer overflow when calculating buffer sizes for images CVE-2018-12405: Fixed a few memory safety bugs Issues fixed in mozilla-nss: Update to NSS 3.40.1 (bsc#1119105) CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069) CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873) CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410) Fixed a decryption failure during FFDHE key exchange Various security fixes in the ASN.1 code Issues fixed in mozilla-nspr: Update mozilla-nspr to 4.20 (bsc#1119105) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 120193
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120193
    title SUSE SLED15 / SLES15 Security Update : MozillaFirefox, mozilla-nspr / mozilla-nss (SUSE-SU-2018:4235-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-2452-2.NASL
    description This update for libgcrypt fixes the following issues : The following security vulnerability was addressed : CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410). The following other issues were fixed: Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 119142
    published 2018-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119142
    title SUSE SLED12 / SLES12 Security Update : libgcrypt (SUSE-SU-2018:2452-2)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1405.NASL
    description It was discovered that Libgcrypt is prone to a local side-channel attack allowing recovery of ECDSA private keys. For Debian 8 'Jessie', these problems have been fixed in version 1.6.3-2+deb8u5. We recommend that you upgrade your libgcrypt20 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-31
    plugin id 110814
    published 2018-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110814
    title Debian DLA-1405-1 : libgcrypt20 security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-795.NASL
    description This update for libgcrypt fixes the following issues : The following security vulnerability was addressed : - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410). The following other issues were fixed : - Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766) This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2018-09-06
    plugin id 111545
    published 2018-08-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111545
    title openSUSE Security Update : libgcrypt (openSUSE-2018-795)
redhat via4
advisories
  • rhsa
    id RHSA-2018:3221
  • rhsa
    id RHSA-2018:3505
rpms
  • openssl-1:1.0.2k-16.el7
  • openssl-devel-1:1.0.2k-16.el7
  • openssl-libs-1:1.0.2k-16.el7
  • openssl-perl-1:1.0.2k-16.el7
  • openssl-static-1:1.0.2k-16.el7
refmap via4
debian DSA-4231
misc
mlist [debian-lts-announce] 20180629 [SECURITY] [DLA 1405-1] libgcrypt20 security update
sectrack
  • 1041144
  • 1041147
ubuntu
  • USN-3689-1
  • USN-3689-2
  • USN-3692-1
  • USN-3692-2
  • USN-3850-1
  • USN-3850-2
Last major update 13-06-2018 - 19:29
Published 13-06-2018 - 19:29
Last modified 05-03-2019 - 08:25