[VU:144389] TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding
Overview
TLS implementations may disclose side-channel information through discrepancies between their handling of valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as the "ROBOT attack" (Return Of Bleichenbacher's Oracle Threat).
Impact
A remote, unauthenticated attacker may be able to obtain the TLS pre-master secret (TLS session key) and decrypt TLS traffic.
Solution
Disable TLS RSA
Affected users and system administrators are encouraged to disable TLS RSA ciphers (cipher suites that use RSA key exchange) if possible. Please refer to your product's documentation or contact the vendor's customer service.
Apply an update
Some products may have software updates available to address this issue. If an update is available, affected users are encouraged to update product software or firmware. Please see the Affected Vendors list below for more information.
Note for developers
RFC 5246 contains remediation advice for Bleichenbacher-style attacks. Developers are encouraged to review the advice and ensure that implementations of TLS, or software that uses a TLS library, do not introduce further message or timing discrepancies that could be used in a Bleichenbacher-style attack.
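As an added illustration of the RFC 5246 section 7.4.7.1 countermeasure referred to above (example code written for this note, not CERT/CC's or any vendor's): it checks the raw RSA-decrypted block without an early exit and always yields a 48-byte premaster secret, so neither bad padding nor a version mismatch produces a distinguishable error. Function names, the 256-byte block length and the demo data are assumptions; Python is used only to show the structure, and a real implementation must also make sure the compiler or runtime does not reintroduce data-dependent timing.

```python
import os
from typing import Optional

PMS_LEN = 48   # TLS premaster secret length (RFC 5246 section 7.4.7.1)
MIN_PAD = 8    # PKCS#1 v1.5 requires at least 8 non-zero padding bytes

def is_zero_bit(x: int) -> int:
    """1 if the byte x is zero, else 0, with no data-dependent branch."""
    return ((x - 1) >> 8) & 1

def ct_select(mask: int, a: bytes, b: bytes) -> bytes:
    """Byte-wise select: a where mask == 0xFF, b where mask == 0x00 (equal lengths)."""
    return bytes((x & mask) | (y & (mask ^ 0xFF)) for x, y in zip(a, b))

def pkcs1_v15_ok_mask(em: bytes) -> int:
    """Check a raw RSA-decrypted block em = 00 || 02 || PS || 00 || M for correct
    PKCS#1 v1.5 type-2 padding with M exactly 48 bytes. Every byte is inspected and
    the verdict accumulated in `bad`: no early exit reveals *where* a check failed.
    Returns 0xFF if the padding is valid, 0x00 otherwise."""
    k = len(em)
    sep = k - PMS_LEN - 1          # index the 0x00 separator must occupy
    assert sep >= 2 + MIN_PAD      # depends only on the key size, not on the data
    bad = em[0] | (em[1] ^ 0x02) | em[sep]
    for i in range(2, sep):        # every PS byte must be non-zero
        bad |= is_zero_bit(em[i])
    return (-is_zero_bit(bad)) & 0xFF

def derive_premaster(em: bytes, client_version: bytes,
                     rand: Optional[bytes] = None) -> bytes:
    """RFC 5246 section 7.4.7.1: always return 48 bytes, the client's offered version
    followed by M[2..47] if the padding is valid, or by 46 random bytes R if not.
    Overwriting the version in both cases means a version mismatch is not a
    separately observable error either. `rand` lets a test supply R; production code leaves it None."""
    r = rand if rand is not None else os.urandom(PMS_LEN - 2)
    ok = pkcs1_v15_ok_mask(em)
    m = em[-PMS_LEN:]              # candidate M: the last 48 bytes of the block
    return client_version + ct_select(ok, m[2:], r)

# Constructed demo data (not from the advisory): a 2048-bit modulus gives k = 256.
K = 256

def pad_pkcs1_v15(m: bytes, k: int = K) -> bytes:
    """Client-side encoding used only to build the demo block; PS has no zero bytes."""
    ps = bytes(b or 1 for b in os.urandom(k - len(m) - 3))
    return b"\x00\x02" + ps + b"\x00" + m

GOOD_EM = pad_pkcs1_v15(b"\x03\x03" + bytes(range(46)))   # valid, TLS 1.2 version in M
BAD_EM = b"\x00\x01" + GOOD_EM[2:]                        # wrong block-type byte
```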
Acknowledgements
Thanks to Hanno Boeck, Juraj Somorovsky of Ruhr-Universität Bochum / Hackmanit GmbH, and Craig Young of Tripwire VERT for reporting this vulnerability.
- ID: VU:144389
- Severity: high
- Severity from: CVE-2017-6168
- URL: https://kb.cert.org/vuls/id/144389
- Published: 2017-12-12T16:04:44
- Modified: 2018-04-09T17:19:13
- Rights: Copyright 2017, CERT Coordination Center (CERT/CC)
- Other Advisories:
- ALAS-2012-136
- ALAS-2012-137
- CISCO-SA-20171212-BLEICHENBACHER
- DSA-4057-1
- DSA-4072-1
- ELSA-2012-1384
- ELSA-2012-1385
- ELSA-2012-1386
- FEDORA-2017-93b6236635
- FEDORA-2017-9e6df1e099
- FEDORA-2018-ceced55c5e
- FEDORA-2018-da9fe79871
- FEDORA-2018-e6894349c9
- FREEBSD:6A131FBF-EC76-11E7-AA65-001B216D295B
- GLSA-201401-30
- GLSA-201406-32
- MAVEN:GHSA-WRWF-PMMJ-W989
- openSUSE-SU-2017:3255-1
- openSUSE-SU-2017:3257-1
- openSUSE-SU-2020:0607-1
- RHSA-2012:1384
- RHSA-2012:1386
- RHSA-2012:1391
- RHSA-2012:1392
- RHSA-2012:1465
- RHSA-2012:1466
- RHSA-2012:1467
- SUSE-SU-2015:0344-1
- SUSE-SU-2015:0392-1
- SUSE-SU-2015:1086-1
- SUSE-SU-2015:1086-3
- SUSE-SU-2018:0974-1
- USN-1619-1
- USN-3571-1