Showing 1 - 1 of 1

CVE-2016-4379

Status Candidate

Overview

The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay attack.

Related Files

HP Security Bulletin HPSBHF03641 1: Posted Aug 30, 2016; Authored by HP | Site hp.com; HP Security Bulletin HPSBHF03641 1 - A potential security vulnerability has been identified with certain versions of HPE Integrated Lights-Out 3 (iLO 3). This vulnerability, also known as the "Vaudenay vulnerability", could be remotely exploited using TLS CBC Padding and MAC Errors resulting in disclosure of information. Revision 1 of this advisory.; tags | advisory; advisories | CVE-2016-4379; SHA-256 | 58e82735227f4286de90f9cfe8309c05b1d48976220a0330658f8f7cc251e5ed; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 254 files
Ubuntu 57 files
Gentoo 33 files
Debian 24 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Google Security Research 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,048)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,846)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,952)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,535)
UNIX (9,409)
UnixWare (187)
Windows (6,660)
Other

CVE-2016-4379

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems