CVE-2015-7824: Infoleak
First published: Wed Feb 24 2016(Updated: )
A padding oracle attack was possible against TLS CBC ciphersuites because if a certain length check on the packet fields failed, a different alert type than one used for message authentication failure would be returned to the sender. This check triggering would leak information about the value of the padding bytes and could be used to perform iterative decryption. As with most such oracle attacks, the danger depends on the underlying protocol - HTTP servers are particularly vulnerable. The current analysis suggests that to exploit it an attacker would first have to guess several bytes of plaintext, but again this is quite possible in many situations including HTTP. External references: <a href="http://botan.randombit.net/security.html">http://botan.randombit.net/security.html</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Botan Project Botan | <=1.11.21 | |
| redhat/botan | <1.11.22 | 1.11.22 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-7824
- agent/software-canonical-lookup
- agent/tags
- agent/event
- vendor/botan project
- canonical/botan project botan
- version/botan project botan/1.11.21
- package-manager/redhat