exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2016-6329

Status Candidate

Overview

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

Related Files

Micro Focus Security Bulletin MFSBGN03805 1
Posted May 10, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03805 1 - A potential security vulnerability has been identified in Service Manager. This vulnerability may allow an exploit against a long-duration encrypted session known as the Sweet32 attack, and which may be exploited remotely. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-2183, CVE-2016-6329
MD5 | f8343940eadac27e71f49882b72b5615
Micro Focus Security Bulletin MFSBGN03794 2
Posted Mar 1, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03794 2 - A potential security vulnerabilities has been identified in Micro Focus Operations Agent. The vulnerabilities could be remotely exploited to Remote Disclosure of Information. At this time Micro Focus Alarm Manager uses a vulnerable encryption infrastructure. Revision 2 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2016-6329
MD5 | afc9e132384c032fbf6de68ca14bef89
Ubuntu Security Notice USN-3339-1
Posted Jun 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3339-1 - Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warning to the log file when a 64-bit block cipher is in use. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that OpenVPN incorrectly handled rollover of packet ids. An authenticated remote attacker could use this issue to cause OpenVPN to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-6329, CVE-2017-7479, CVE-2017-7508, CVE-2017-7512, CVE-2017-7520, CVE-2017-7521
MD5 | d3cafbb3d6cf1f0190409317b5d44266
HP Security Bulletin HPSBGN03694 1
Posted Jan 13, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03694 1 - A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE SiteScope resulting in remote disclosure of information, also known as the SWEET32 attack. Revision 1 of this advisory.

tags | advisory, remote, protocol
advisories | CVE-2016-2183, CVE-2016-6329
MD5 | 6ae4e6988408716f0d29122364176e71
Gentoo Linux Security Advisory 201611-02
Posted Nov 1, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-2 - Multiple vulnerabilities have been found in OpenVPN, the worst of which allows remote attackers to read encrypted traffic. Versions less than 2.3.12 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2016-6329
MD5 | 9e217e0e686024d8680ef537861f7b5c
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    14 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close