Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2016-1494
Description:The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
Test IDs: 1.3.6.1.4.1.25623.1.0.807213   1.3.6.1.4.1.25623.1.0.131178   1.3.6.1.4.1.25623.1.0.120634   1.3.6.1.4.1.25623.1.1.4.2016.0107.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-1494
BugTraq ID: 79829
http://www.securityfocus.com/bid/79829
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html
https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/
http://www.openwall.com/lists/oss-security/2016/01/05/3
http://www.openwall.com/lists/oss-security/2016/01/05/1
SuSE Security Announcement: openSUSE-SU-2016:0108 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html




© 1998-2024 E-Soft Inc. All rights reserved.