Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-4242

Опубликовано: 19 авг. 2013
Источник: nvd
CVSS2: 1.9
EPSS Низкий

Описание

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
Версия до 1.4.13 (включая)
cpe:2.3:a:gnupg:gnupg:0.0.0:-:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.4:-:win32:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.5:-:win32:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.1:windows:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.90:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.91:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.92:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.93:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*
Версия до 1.5.2 (включая)
cpe:2.3:a:gnupg:libgcrypt:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.5.1:*:*:*:*:*:*:*
Конфигурация 6

Одно из

cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00157
Низкий

1.9 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2013-4242

ubuntu
около 12 лет назад

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

redhat логотип

CVE-2013-4242

redhat
больше 12 лет назад

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

debian логотип

CVE-2013-4242

debian
около 12 лет назад

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x ...

github логотип

GHSA-rpp2-q7rq-p78j

github
больше 3 лет назад

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.

oracle-oval логотип

ELSA-2013-1457

oracle-oval
около 12 лет назад

ELSA-2013-1457: libgcrypt security update (MODERATE)

EPSS

Процентиль: 37%
0.00157
Низкий

1.9 Low

CVSS2

Дефекты

CWE-200
Уязвимость CVE-2013-4242