exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2016-6313

Status Candidate

Overview

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.

Related Files

Gentoo Linux Security Advisory 201612-01
Posted Dec 2, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-1 - Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. Versions less than 1.4.21 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-6313
SHA-256 | 37fe9de631962cfd3e2975a9e2c328624e54229c467b32de7b2928980e4dd247
Red Hat Security Advisory 2016-2674-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-6313
SHA-256 | caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521
Gentoo Linux Security Advisory 201610-04
Posted Oct 10, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-4 - Multiple vulnerabilities have been fixed in libgcrypt,the worst of which results in predictable output from the random number generator. Versions less than 1.7.3 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3591, CVE-2015-0837, CVE-2015-7511, CVE-2016-6313
SHA-256 | 5619b69bf4075be672b52dd153d8f9e314becc2be95833013f21e6768d5f5bc7
Slackware Security Advisory - gnupg Updates
Posted Aug 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-6313
SHA-256 | 81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e
Ubuntu Security Notice USN-3064-1
Posted Aug 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3064-1 - Felix Doerre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-6313
SHA-256 | 32f0380e387cc522e4861cb3c5789969e6795c00bc238ae1cf1d227ac0f155b5
Ubuntu Security Notice USN-3065-1
Posted Aug 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3065-1 - Felix Doerre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-6313
SHA-256 | c98949d4841a7c0c1b1da172bfff40d4fc7c110ecdd4cc157730bdce69120e13
Debian Security Advisory 3650-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3650-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | efa2674601472cec1e98270928a4f9e5f05edc5bf53fa17755195d156213cafe
Debian Security Advisory 3649-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3649-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | ace6c155c376eb89be0ddc0b2ea842d1d45347d5464a43149266d99a003d042a
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close