exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2016-6313

Status Candidate

Overview

The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits.

Related Files

Gentoo Linux Security Advisory 201612-01
Posted Dec 2, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-1 - Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. Versions less than 1.4.21 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-6313
SHA-256 | 37fe9de631962cfd3e2975a9e2c328624e54229c467b32de7b2928980e4dd247
Red Hat Security Advisory 2016-2674-01
Posted Nov 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-6313
SHA-256 | caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521
Gentoo Linux Security Advisory 201610-04
Posted Oct 10, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201610-4 - Multiple vulnerabilities have been fixed in libgcrypt,the worst of which results in predictable output from the random number generator. Versions less than 1.7.3 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3591, CVE-2015-0837, CVE-2015-7511, CVE-2016-6313
SHA-256 | 5619b69bf4075be672b52dd153d8f9e314becc2be95833013f21e6768d5f5bc7
Slackware Security Advisory - gnupg Updates
Posted Aug 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-6313
SHA-256 | 81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e
Ubuntu Security Notice USN-3064-1
Posted Aug 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3064-1 - Felix Doerre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-6313
SHA-256 | 32f0380e387cc522e4861cb3c5789969e6795c00bc238ae1cf1d227ac0f155b5
Ubuntu Security Notice USN-3065-1
Posted Aug 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3065-1 - Felix Doerre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-6313
SHA-256 | c98949d4841a7c0c1b1da172bfff40d4fc7c110ecdd4cc157730bdce69120e13
Debian Security Advisory 3650-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3650-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | efa2674601472cec1e98270928a4f9e5f05edc5bf53fa17755195d156213cafe
Debian Security Advisory 3649-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3649-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | ace6c155c376eb89be0ddc0b2ea842d1d45347d5464a43149266d99a003d042a
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close