mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
2.5 KiB
2.5 KiB
CVE-2013-0169
Description
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
POC
Reference
- http://www-01.ibm.com/support/docview.wss?uid=swg21644047
- http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Artem-Salnikov/devops-netology
- https://github.com/Artem-Tvr/sysadmin-09-security
- https://github.com/Himangshu30/SECURITY-SCRIPTS
- https://github.com/Justic-D/Dev_net_home_1
- https://github.com/KaeminMoore/Securityscripts
- https://github.com/Kapotov/3.9.1
- https://github.com/Live-Hack-CVE/CVE-2013-1620
- https://github.com/Live-Hack-CVE/CVE-2016-2107
- https://github.com/PeterMosmans/security-scripts
- https://github.com/Vainoord/devops-netology
- https://github.com/Valdem88/dev-17_ib-yakovlev_vs
- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14
- https://github.com/WiktorMysz/devops-netology
- https://github.com/alexandrburyakov/Rep2
- https://github.com/alexgro1982/devops-netology
- https://github.com/bysart/devops-netology
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/dmitrii1312/03-sysadmin-09
- https://github.com/eldron/metls
- https://github.com/geon071/netolofy_12
- https://github.com/hrbrmstr/internetdb
- https://github.com/ilya-starchikov/devops-netology
- https://github.com/jquepi/tlslite-ng
- https://github.com/lnick2023/nicenice
- https://github.com/nikolay480/devops-netology
- https://github.com/odolezal/D-Link-DIR-655
- https://github.com/pashicop/3.9_1
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/sahithipriya03/Security-using-python-scripts
- https://github.com/sailfishos-mirror/tlslite-ng
- https://github.com/stanmay77/security
- https://github.com/summitto/tlslite-ng
- https://github.com/tlsfuzzer/tlslite-ng
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/yellownine/netology-DevOps