CVE-2016-6313 – libgcrypt: PRNG output is predictable
https://notcve.org/view.php?id=CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits. Las funciones de mezcla en el generador de números aleatorios en Libgcrypt en versiones anteriores a 1.5.6, 1.6.x en versiones anteriores a 1.6.6 y 1.7.x en versiones anteriores a 1.7.3 y GnuPG en versiones anteriores a 1.4.21 hacen más fácil para atacantes obtener valores de 160 bits aprovechando el conocimiento de los 4640 bits previos. A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. • http://rhn.redhat.com/errata/RHSA-2016-2674.html http://www.debian.org/security/2016/dsa-3649 http://www.debian.org/security/2016/dsa-3650 http://www.securityfocus.com/bid/92527 http://www.securitytracker.com/id/1036635 http://www.ubuntu.com/usn/USN-3064-1 http://www.ubuntu.com/usn/USN-3065-1 https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=blob_plain%3Bf=NEWS https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html https://securit • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-4355
https://notcve.org/view.php?id=CVE-2016-4355
Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow. Múltiples desbordamientos de enteros en ber-decoder.c en Libksba en versiones anteriores a 1.3.3 permiten a atacantes remotos provocar una caída del servicio (caída) a través de una información BER manipulada, lo que conduce a un desbordamiento del buffer. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=aea7b6032865740478ca4b706850a5217f1c3887 http://www.openwall.com/lists/oss-security/2016/04/29/5 http://www.openwall.com/lists/oss-security/2016/04/29/8 http://www.ubuntu.com/usn/USN-2982-1 https://security.gentoo.org/glsa/201604-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-4574
https://notcve.org/view.php?id=CVE-2016-4574
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356. El error off-by-one en la función append_utf8_value en el decodificador DN (dn.c) en Libksba en versiones anteriores a 1.3.4 permite a atacantes remotos provocar una caída de servicio (lectura fuera de rango) a través de una codificación de la información utf-8. NOTA: esta vulnerabilidad existe debido a una reparación incompleta de CVE-2016-4356. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=6be61daac047d8e6aa941eb103f8e71a1d4e3c75 http://lists.opensuse.org/opensuse-updates/2016-05/msg00087.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00028.html http://www.openwall.com/lists/oss-security/2016/05/10/3 http://www.openwall.com/lists/oss-security/2016/05/10/4 http://www.ubuntu.com/usn/USN-2982-1 • CWE-189: Numeric Errors •
CVE-2016-4353
https://notcve.org/view.php?id=CVE-2016-4353
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data. ber-decoder.c en Libksba en versiones anteriores a 1.3.3 no maneja correctamente el decodificador de desbordamiento de pila, lo que permite a atacantes remotos provocar una denegación de servicio (abortado) a través de una información BER manipulada. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=07116a314f4dcd4d96990bbd74db95a03a9f650a http://www.openwall.com/lists/oss-security/2016/04/29/5 http://www.openwall.com/lists/oss-security/2016/04/29/8 http://www.ubuntu.com/usn/USN-2982-1 https://security.gentoo.org/glsa/201604-04 • CWE-20: Improper Input Validation •
CVE-2016-4356
https://notcve.org/view.php?id=CVE-2016-4356
The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data. La función append_utf8_value en el decodificador DN (dn.c) en Libksba en versiones anteriores a 1.3.3 permite a atacantes remotos provocar una caída de servicio (lectura fuera de rango) borrando el bit del byte después de datos codificados UTF-8 no válidos. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=243d12fdec66a4360fbb3e307a046b39b5b4ffc3 http://www.openwall.com/lists/oss-security/2016/04/29/5 http://www.openwall.com/lists/oss-security/2016/04/29/8 http://www.openwall.com/lists/oss-security/2016/05/10/3 http://www.ubuntu.com/usn/USN-2982-1 https://security.gentoo.org/glsa/201604-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •