QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-2808

Back to search

CVE-2015-2808

Published: Apr 1, 2015

Modified: May 28, 2026

PUBLISHED

Description

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

VendorProductVersions

n/a

n/a

affected
n/a

References

SSRT102127
vendor-advisory
RHSA-2015:1243
vendor-advisory
RHSA-2015:1007
vendor-advisory
HPSBGN03367
vendor-advisory
HPSBUX03512
vendor-advisory
RHSA-2015:1006
vendor-advisory
1033737
vdb-entry
SUSE-SU-2015:2192
vendor-advisory
HPSBGN03399
vendor-advisory
1036222
vdb-entry
SSRT102129
vendor-advisory
GLSA-201512-10
vendor-advisory
RHSA-2015:1229
vendor-advisory
1032600
vdb-entry
1032910
vdb-entry
USN-2706-1
vendor-advisory
RHSA-2015:1526
vendor-advisory
SSRT102133
vendor-advisory
1032599
vdb-entry
HPSBMU03401
vendor-advisory
HPSBMU03345
vendor-advisory
1032734
vdb-entry
IV71892
vendor-advisory
1033769
vdb-entry
1032707
vdb-entry
openSUSE-SU-2015:1289
vendor-advisory
HPSBGN03372
vendor-advisory
RHSA-2015:1091
vendor-advisory
HPSBGN03402
vendor-advisory
IV71888
vendor-advisory
RHSA-2015:1228
vendor-advisory
HPSBGN03405
vendor-advisory
1032708
vdb-entry
DSA-3316
vendor-advisory
SUSE-SU-2015:2166
vendor-advisory
1033415
vdb-entry
HPSBGN03366
vendor-advisory
HPSBGN03403
vendor-advisory
SSRT102254
vendor-advisory
HPSBGN03407
vendor-advisory
1033432
vdb-entry
HPSBGN03354
vendor-advisory
SUSE-SU-2015:1138
vendor-advisory
1032858
vdb-entry
SSRT102073
vendor-advisory
1032788
vdb-entry
USN-2696-1
vendor-advisory
DSA-3339
vendor-advisory
RHSA-2015:1020
vendor-advisory
RHSA-2015:1242
vendor-advisory
SUSE-SU-2015:1086
vendor-advisory
1033431
vdb-entry
1032868
vdb-entry
HPSBGN03415
vendor-advisory
91787
vdb-entry
SUSE-SU-2015:1319
vendor-advisory
SUSE-SU-2015:1320
vendor-advisory
openSUSE-SU-2015:1288
vendor-advisory
RHSA-2015:1241
vendor-advisory
RHSA-2015:1230
vendor-advisory
HPSBGN03338
vendor-advisory
1033386
vdb-entry
HPSBMU03377
vendor-advisory
1033072
vdb-entry
SSRT102150
vendor-advisory
SUSE-SU-2015:1085
vendor-advisory
RHSA-2015:1021
vendor-advisory
SUSE-SU-2015:1073
vendor-advisory
SUSE-SU-2015:1161
vendor-advisory
HPSBGN03414
vendor-advisory
73684
vdb-entry
1032990
vdb-entry
1033071
vdb-entry
SUSE-SU-2016:0113
vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now