CVE-2013-2566

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions TLS protocol (affected versions not specified) SSL protocol (affected versions not specified)

Description The issue concerns the RC4 algorithm used in the TLS and SSL protocols, which contains single-byte biases. This weakness allows remote attackers to potentially recover plaintext through statistical analysis of ciphertext in multiple sessions that utilize the same plaintext.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

ALT-PU-2013-1150

ALT-PU-2013-1334

ALT-PU-2014-1201

CVE-2013-2566

MGASA-2013-0337

Affected Products

Alt Linux

Ssl

Tls

CVE-2013-2566

Weakness Enumeration

Related Identifiers

Affected Products

References · 34