title: List of Cryptographic Vulnerabilities [2016-2018] categories: [cheatsheets]
A list of cryptography-based vulnerabilities. Only vulnerabilities whose impact also affects a cryptographic component are listed; for example, memory corruptions that only result in a DoS, .., are not listed.
| cve | product | type | description |
|---|---|---|---|
| CVE-2018-9233 | Sophos Endpoint Protection | hash | unsalted SHA-1 |
| CVE-2018-6594 | PyCrypto Library | code/cry | weak ElGamal key parameters |
| CVE-2018-5917 | Snapdragon * | code/mem | possible buffer overflow |
| CVE-2018-19854 | Linux Kernel | code/mem | crypto_report_one() potential memory leak |
| CVE-2018-14619 | Linux Kernel | code/mem | wrong free() |
| CVE-2018-16875 | Go crypto x509 lib | code/mem | chain verification, possible CPU DoS |
| CVE-2018-14616 | Linux Kernel | code/mem | null pointer dereference |
| CVE-2018-13547 | Providence Crypto Casino | code/mem | integer overflow in smart contract |
| CVE-2018-13488 | Crypto Alley Shares | code/mem | integer overflow in smart contract |
| CVE-2018-13210 | Providence Crypto Casino | code/mem | integer overflow in smart contract |
| CVE-2018-0154 | Cisco ISM-VPN | code/mem | DoS condition when handling VPN traffic |
| CVE-2018-xxxxx | | | |
| CVE-2017-3204 | Golang SSH Library | code/cry | no host key verification used by default |
| CVE-2017-12870 | SimpleSAMLphp | code/cry | leveraging aesEncrypt and aesDecrypt to simplify man-in-the-middle attacks |
| CVE-2017-0626 | Qualcomm crypto engine | code/mem | information disclosure that can lead an attacker to access sensitive information or to elevate privileges |
| CVE-2016-6298 | Python jwcrypto.py | code/cry | class lacks random filling protection, enabling an attacker to obtain cleartext data via a "million message attack" (MMA) |
| CVE-2016-4711 | Apple iOS CommonCrypto | code/mem | uncleared input/output buffer enables attackers to read cleartext data |
| CVE-2016-2178 | OpenSSL | code/cry | does not properly implement constant-time operations, which can lead to discovery of the DSA private key via a timing side-channel attack |
| CVE-2016-10466 | Android Qualcomm Snapdragon X | code/cry | hardcoded random value is used during the SSL handshake if an error occurs in the PRNG |
| CVE-2016-0701 | OpenSSL | code/cry | not ensuring appropriate primes for DH key exchanges makes it easier for attackers to discover the private DH exponent via multiple handshakes |
Reference:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=crypto
| cve | product | type | description |
|---|---|---|---|
| CVE-2018-5762 | Unisys ClearPath TLS Module | code/cry | ROBOT ~ Return Of Bleichenbacher's Oracle Threat |
| CVE-2018-16869 | Nettle | code/cry | Bleichenbacher side-channel padding oracle for PKCS #1 v1.5 |
| CVE-2018-16868 | GnuTLS | code/cry | Bleichenbacher side-channel padding oracle for PKCS #1 v1.5 |
| CVE-2018-15836 | Openswan | code/cry | PKCS #1 v1.5 padding is not verified |
| CVE-2018-1388 | GSKit V7 | code/cry | side-channel attack, discrepancy between valid and invalid PKCS #1 padding |
| CVE-2018-2879 | Oracle Access Manager | code/cry | authentication bypass, CBC PKCS #7 padding oracle |
| CVE-2017-17841 | Palo Alto Networks | code/cry | ROBOT attack |
| CVE-2017-17428 | Cavium Nitrox SSL, Turbo SSL | code/cry | ROBOT attack |
| CVE-2017-17382 | Citrix NetScaler ADC | code/cry | ROBOT attack |
| CVE-2017-17305 | Huawei Firewall | code/cry | ROBOT attack |
| CVE-2017-14906 | Android Qualcomm Snapdragon X | code/cry | missing support of PKCS #7 padding |
| CVE-2017-13091 | P1735 IEEE standard | code/cry | improperly specified CBC padding, resulting in a padding oracle |
| CVE-2017-12973 | Nimbus JOSE+JWT | code/cry | improper processing of invalid AES-CBC, resulting in a padding oracle attack |
| CVE-2017-10668 | OSCI-Transport | code/cry | CBC padding oracle in OSCI-Transport library |
| CVE-2017-1000385 | Erlang OTP TLS Server | code/cry | different error types in RSA PKCS #1 v1.5 padding, making it vulnerable to a variation of the Bleichenbacher attack |
| CVE-2016-8771 | Botan 1.11 | code/cry | RSA-OAEP padding oracle via timing side channel, can be used to recover plaintext |
| CVE-2016-6606 | phpMyAdmin | code/cry | cookie decryption (username/password) is vulnerable to a padding oracle attack (AES-CBC) |
| CVE-2016-4379 | HP iLO3 TLS implementation | code/cry | invalid MAC protection + CBC padding, resulting in a padding oracle attack |
| CVE-2016-4028 | Open-Xchange OX Guard | code/cry | decryption of an auth. token results in an AES-CBC padding oracle via different error messages |
| CVE-2016-3702 | CloudForms Management Engine | code/cry | padding oracle flaw via AES-CBC stored data |
| CVE-2016-2107 | AES-NI in OpenSSL | code/mem | padding check does not consider memory allocation, leading to an AES-CBC padding oracle attack against an AES-CBC session |
| CVE-2016-1494 | Python-RSA Lib. | code/cry | crafted signature padding can lead to spoofed signatures via BERserk attack |
| CVE-2016-10469 | Android Qualcomm Snapdragon X | code/cry | incorrect implementation of RSA padding functions |
| CVE-2016-1000345 | Bouncy Castle JCE Provider | code/cry | AES-CBC padding oracle via timing side channel |
| CVE-2016-0800 | OpenSSL SSL Protocol | code/cry | missing ServerVerify message helps attackers leverage a Bleichenbacher attack (DROWN attack) |
| CVE-2016-0736 | Apache HTTP Server | code/cry | mod_session_crypto encrypts sessions with AES-CBC, which is vulnerable to a padding oracle attack |
| CVE-2016-0704 | OpenSSL SSLv2 implementation | code/mem | overwrites wrong MASTER-KEY, making it possible to leverage Bleichenbacher padding oracle attacks |
| CVE-2016-0703 | OpenSSL SSLv2 implementation | code/mem | accepting a non-zero CLIENT-MASTER-KEY allows a MitM attacker to leverage a Bleichenbacher padding oracle attack |
Reference:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=padding
Currently a total of 47 vulnerabilities (2016 - 2018)