CVE-2014-4191

Currently unrated

Key Information:

Vendor: Dell
Status: Bsafe Share
Vendor: CVE Published:; 17 June 2014

Summary

The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.

References

http://dualec.org/DualECTLS.pdf

x_refsource_MISC

http://dualec.org/

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 17, 2014