CVE-2014-4192

Currently unrated

Key Information:

Vendor: Dell
Status: Bsafe Share
Vendor: CVE Published:; 17 June 2014

Summary

The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than CVE-2007-6755.

References

http://dualec.org/DualECTLS.pdf

x_refsource_MISC

http://dualec.org/

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 17, 2014