Professional OVAL Repository
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:33324
Version
3
Class
patch
ALTXid
182608
Language
English
Severity
High
Title
DLA-1418-1 -- bouncycastle security update
Description
Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms.
Family
unix
Platform
Debian 8
Product
bouncycastle
Reference
VENDOR: DLA-1418-1
Id:
DLA-1418-1
Reference:
https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201807/msg00009.html
CVE: CVE-2016-1000338
Id:
CVE-2016-1000338
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000338
Comment:
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE:
347 (Improper Verification of Cryptographic Signature)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0 (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000339
Id:
CVE-2016-1000339
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000339
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE:
310 (Cryptographic Issues)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/413b42f4d770456508585c830cfcde95f9b0e93b#diff-54656f860db94b867ba7542430cd2ef0 (CONFIRM)
https://github.com/bcgit/bc-java/commit/8a73f08931450c17c749af067b6a8185abdfd2c0#diff-494fb066bed02aeb76b6c005632943f2 (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000341
Id:
CVE-2016-1000341
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to a timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE:
361 (Time and State)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/acaac81f96fec91ab45bd0412beaf9c3acd8defa#diff-e75226a9ca49217a7276b29242ec59ce (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000342
Id:
CVE-2016-1000342
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000342
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
PARTIAL
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE:
347 (Improper Verification of Cryptographic Signature)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9 (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000343
Id:
CVE-2016-1000343
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000343
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.
CVSSv2 Score:
5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE:
310 (Cryptographic Issues)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/50a53068c094d6cff37659da33c9b4505becd389#diff-5578e61500abb2b87b300d3114bdfd7d (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000345
Id:
CVE-2016-1000345
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode is vulnerable to a padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE:
361 (Time and State)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098 (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
CVE: CVE-2016-1000346
Id:
CVE-2016-1000346
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346
Comment:
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE:
320 (Key Management Errors)
References:
RHSA-2018:2669 (REDHAT)
RHSA-2018:2927 (REDHAT)
https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937 (CONFIRM)
[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update (MLIST)
https://security.netapp.com/advisory/ntap-20181127-0004/ (CONFIRM)
USN-3727-1 (UBUNTU)
ovaldb@altx-soft.com