QwikSec

Security Database

CVE

CWE

Training

CVE-2015-7744

Published: Jan 22, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2016:0367

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_SECTRACK

http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html

x_refsource_CONFIRM

https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf

x_refsource_MISC

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html

x_refsource_CONFIRM

https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/

x_refsource_MISC

openSUSE-SU-2016:0377

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.