Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-6329

Опубликовано: 31 янв. 2017
Источник: debian

Описание

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
openvpnunfixedpackage

Примечания

  • https://community.openvpn.net/openvpn/wiki/SWEET32

  • This is a generic cryptographic weakness, not a vulnerability in OpenVPN per se

Связанные уязвимости

ubuntu логотип

CVE-2016-6329

CVSS3: 5.9
ubuntu
больше 8 лет назад

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

nvd логотип

CVE-2016-6329

CVSS3: 5.9
nvd
больше 8 лет назад

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

github логотип

GHSA-w6pr-cm6j-f384

CVSS3: 5.9
github
около 3 лет назад

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.

fstec логотип

BDU:2019-04216

CVSS3: 5.9
fstec
почти 9 лет назад

Уязвимость программного обеспечения OpenVPN, связанная с проблемами использования шифрования с 64-битным блоком, позволяющая нарушителю восстановить исходное сообщение

suse-cvrf логотип

openSUSE-SU-2017:1638-1

suse-cvrf
почти 8 лет назад

Security update for openvpn