Codetective is an analysis tool to determine the crypto/encoding algorithm used according to traces of its representation. It can be used as a standalone version or as a volatility plugin for memory analysis. Written in Python.
21fdbdc0859f7fe9b0df449a9462d6efMandriva Linux Security Advisory 2012-038 - The implementation of Cryptographic Message Syntax and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack adaptive chosen ciphertext attack. The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. The updated packages have been patched to correct these issues.
f4a72b486a3e05769f6e164ff30c6861Codetective is a simple tool to determine the crypto/encoding algorithm used according to traces of its representation. Written in Python.
9c8da41d34a1944224caff4d52a191bfThe cryptographic algorithm called INCrypt32 is a MAC algorithm to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is a heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public. In this paper, they reveal the specification of INCrypt32 by reverse engineering an iCLASS card and investigate the security of INCrypt32. As a result, we show that the secret key of size 64 bits can be recovered using only 218 MAC queries if the attacker can request MAC for chosen messages of arbitrary length. If the length of messages is limited to pre-determined values by the authentication protocol, the required number of MAC queries grows to 242 to recover the secret key.
ee33f7e2da98c62d3b33c6294941bbe8Debian Linux Security Advisory 2374-1 - The information security group at ETH Zurich discovered a denial of service vulnerability in the crypto helper handler of the IKE daemon pluto.
57ee7b679e68864a6ade661ccacd8224Mandriva Linux Security Advisory 2011-137 - The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages, which allows remote attackers to cause a denial of service via out-of-order messages that violate the TLS protocol.
d4cdd08b16fe165439352bfa6ccaf846Debian Linux Security Advisory 2309-1 - Several fraudulent SSL certificates have been found in the wild issued by the DigiNotar Certificate Authority, obtained through a security compromise of said company. After further updates on this incident, it has been determined that all of DigiNotar's signing certificates can no longer be trusted. Debian, like other software distributors and vendors, has decided to distrust all of DigiNotar's CAs. In this update, this is done in the crypto library (a component of the OpenSSL toolkit) by marking such certificates as revoked. Any application that uses said component should now reject certificates signed by DigiNotar. Individual applications may allow users to override the validation failure. However, making exceptions is highly discouraged and should be carefully verified.
75778ebf110f3672b8da640ba66110e8Debian Linux Security Advisory 2300-2 - Several unauthorized SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS crypto libraries.
da30a01efaf7549bfd1ee125729ce090Debian Linux Security Advisory 2300-1 - Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS crypto libraries.
c536f0e78e2b245da2edac0ef79e837aThis whitepaper describes a timing attack vulnerability in OpenSSL's ladder implementation for curves over binary fields. They use this vulnerability to steal the private key of a TLS server where the server authenticates with ECDSA signatures. Using the timing of the exchanged messages, the messages themselves, and the signatures, they mount a lattice attack that recovers the private key. Finally, they describe and implement an effective countermeasure.
4558b899d97a106def3ba064ab5eadfepycryptopp provides a few useful cryptography algorithms for Python programmers, based on the excellent Crypto++ library (which is written in C++).
c5b86ad1ebda0e7999bb50d72e412c6aOpenCT implements driver and middle-ware for smart card readers. OpenCT drivers can be used via the ct-api interface, the ifdhandler interface, or its own interface/middle-ware. It implements drivers for several USB crypto tokens, USB smart card readers, serial smart card readers, and PCMCIA smart card readers.
a1da3358ab798f1cb9232f1dbababc21Debian Linux Security Advisory 2100-1 - George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.
778bdc01f758228ffbcc2e477119adc1Mandriva Linux Security Advisory 2010-022 - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_free_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct thies issue.
fdb2aaebfd656adeaa8421e92c498f67Mandriva Linux Security Advisory 2010-006 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
30a52e5f3a7875296841d488abaa6a7cDebian Linux Security Advisory 1969-1 - It was discovered that krb5, a system for authenticating users and services on a network, is prone to integer underflow in the AES and RC4 decryption operations of the crypto library. A remote attacker can cause crashes, heap corruption, or, under extraordinarily unlikely conditions, arbitrary code execution.
941b47f478b812ad02bf8c80885c29f0MIT krb5 Security Advisory 2009-004 - Integer underflow bugs in the AES and RC4 decryption operations of the crypto library of the MIT Kerberos software can cause crashes, heap corruption, or, under extraordinarily unlikely conditions, arbitrary code execution. Only releases krb5-1.3 and later are vulnerable, as earlier releases did not contain the functionality implemented by the vulnerable code.
3409a3e1b976b767c31a20823989740aNettle is a cryptographic library that is designed to fit easily in more or less any context: in crypto toolkits for object-oriented languages (C++, Python, Pike, etc.), in applications like LSH or GNUPG, or even in kernel space. In most contexts, you need more than the basic cryptographic algorithms; you also need some way to keep track of available algorithms and their properties and variants. You often have some algorithm selection process, often dictated by a protocol you want to implement. And as the requirements of applications differ in subtle and not so subtle ways, an API that fits one application well can be a pain to use in a different context, which is why there are so many different cryptographic libraries around. Nettle tries to avoid this problem by doing one thing, the low-level crypto stuff, and providing a simple but general interface to it. In particular, Nettle doesn't do algorithm selection. It doesn't do memory allocation. It doesn't do any I/O. The idea is that one can build several application- and context-specific interfaces on top of Nettle and share the code, testcases, benchmarks, documentation, etc.
d813bc76b1042d76100efbc6a955d7dfDebian Security Advisory 1763-1 - It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate.
501f984e2b5acc4da34911e21c92a321Secunia Security Advisory - Ubuntu has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
79924b8cfc923623aa5b0bbe3440b1ecUbuntu Security Notice USN-729-1 - Mike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to a denial of service.
d733697d939b79ab45073f544c25e761Secunia Security Advisory - Debian has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
4500a0dd568da19a456801534a369810Secunia Security Advisory - Fedora has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
cfd8403cb688817a070c88e7ec98859bDebian Security Advisory 1726-1 - Mike Wiacek discovered that a buffer overflow in the ARC2 implementation of Python Crypto, a collection of cryptographic algorithms and protocols for Python allows denial of service and potentially the execution of arbitrary code.
bc4fcb477d18dcf025495a5c12f05e43Gentoo Linux Security Advisory GLSA 200812-09 - Smart cards formatted using OpenSC do not sufficiently protect the PIN, allowing attackers to reset it. Chaskiel M Grundman reported that OpenSC uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Versions less than 0.11.6 are affected.
f97285c3a44f8a414c0286410f9eab60
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed