Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2013-1620
Description:The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Test IDs: 1.3.6.1.4.1.25623.1.0.865463   1.3.6.1.4.1.25623.1.0.865410   1.3.6.1.4.1.25623.1.0.865460   1.3.6.1.4.1.25623.1.0.841362   1.3.6.1.4.1.25623.1.0.871092   1.3.6.1.4.1.25623.1.0.865470   1.3.6.1.4.1.25623.1.0.881836   1.3.6.1.4.1.25623.1.0.850463   1.3.6.1.4.1.25623.1.0.881841   1.3.6.1.4.1.25623.1.0.865428   1.3.6.1.4.1.25623.1.0.881843   1.3.6.1.4.1.25623.1.0.850461   1.3.6.1.4.1.25623.1.0.865402   1.3.6.1.4.1.25623.1.0.871091   1.3.6.1.4.1.25623.1.0.865467   1.3.6.1.4.1.25623.1.0.881838   1.3.6.1.4.1.25623.1.0.881845   1.3.6.1.4.1.25623.1.0.865406   1.3.6.1.4.1.25623.1.0.120463   1.3.6.1.4.1.25623.1.0.120462  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-1620
BugTraq ID: 57777
http://www.securityfocus.com/bid/57777
BugTraq ID: 64758
http://www.securityfocus.com/bid/64758
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://seclists.org/fulldisclosure/2014/Dec/23
http://security.gentoo.org/glsa/glsa-201406-19.xml
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
http://openwall.com/lists/oss-security/2013/02/05/24
RedHat Security Advisories: RHSA-2013:1135
http://rhn.redhat.com/errata/RHSA-2013-1135.html
RedHat Security Advisories: RHSA-2013:1144
http://rhn.redhat.com/errata/RHSA-2013-1144.html
SuSE Security Announcement: openSUSE-SU-2013:0630 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html
SuSE Security Announcement: openSUSE-SU-2013:0631 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html
http://www.ubuntu.com/usn/USN-1763-1




© 1998-2024 E-Soft Inc. All rights reserved.