SecuritySpace - CVE-2013-1618

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-1618

Description: The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-1618
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
http://openwall.com/lists/oss-security/2013/02/05/24
SuSE Security Announcement: openSUSE-SU-2013:0289 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.html

CVE ID:	CVE-2013-1618
Description:	The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1618 http://www.isg.rhul.ac.uk/tls/TLStiming.pdf http://openwall.com/lists/oss-security/2013/02/05/24 SuSE Security Announcement: openSUSE-SU-2013:0289 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-02/msg00038.html