Category:   Application (Security)  >   RSA BSAFE SSL-J
Vendors:   EMC, RSA
RSA BSAFE SSL-J 'ServerKeyExchange' Flaw Lets Remote Users Obtain Private Keys on the Target System
SecurityTracker Alert ID:  1035517
CVE Reference:   CVE-2015-0478, CVE-2016-0887
Date:  Apr 12 2016
Impact:   Disclosure of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 6.2.1
Description:   A vulnerability was reported in RSA BSAFE SSL-J. A remote user can obtain the RSA private key of the target server.

When a cipher suite providing Perfect Forward Secrecy (an ephemeral DHE or ECDHE key exchange) is negotiated, the target server signs the 'ServerKeyExchange' handshake message with its RSA private key. The vulnerability is due to an undetected error that may occur during that PKCS #1 v1.5 RSA signature operation when it uses the key's Chinese Remainder Theorem (CRT) private values (the report mentions specially crafted CRT private values): the server does not detect that the computed signature is incorrect and sends it anyway. A remote user can establish a TLS connection to the target server, negotiate Perfect Forward Secrecy, and capture a ServerKeyExchange message whose signature fails verification. From that single faulty signature and the signed handshake data, both of which are sent in the clear, the RSA private key can be recovered.

The attack method, a fault-based side-channel attack on RSA-CRT signatures, is referred to as "Lenstra's Attack".
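The following is an added worked example, not code from RSA BSAFE SSL-J or from the advisory. It models the failure described above with a constructed RSA key (two Mersenne primes, far too small for real use), a constructed stand-in for the signed ServerKeyExchange data, and a deliberately corrupted CRT half to stand in for the undetected computation error. It then runs Lenstra's recovery, which needs only the faulty signature and the signed message (the earlier Boneh-DeMillo-Lipton variant needed a correct signature of the same message as well), and shows one countermeasure: verifying the signature with the public key before it is released. The function names, the `sign_crt_checked` countermeasure and the SHA-256 message representative (in place of full PKCS #1 v1.5 padding, which does not affect the attack) are this example's own assumptions, not the vendor's fix.

```python
"""Lenstra's attack on a faulty RSA-CRT signature, with the release-time check
that prevents it. Constructed example; not RSA BSAFE SSL-J code."""
from math import gcd
import hashlib

# Constructed toy key: p = 2^89 - 1 and q = 2^107 - 1 are both Mersenne primes.
P = (1 << 89) - 1
Q = (1 << 107) - 1
E = 65537


def make_crt_key(p, q, e):
    """Build an RSA private key carrying the CRT values a CRT signer uses."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return {
        "n": n, "e": e, "p": p, "q": q,
        "dp": d % (p - 1),          # d mod (p-1)
        "dq": d % (q - 1),          # d mod (q-1)
        "qinv": pow(q, -1, p),      # q^-1 mod p, used by Garner recombination
    }


def message_representative(data, n):
    """Stand-in for PKCS #1 v1.5 encoding: hash the signed data to an integer < n.
    Real encoding pads to the modulus length; the attack does not depend on it."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign_crt(m, key, inject_fault=False):
    """RSA-CRT signing. With inject_fault=True the mod-p half is corrupted by one
    bit, modelling an arithmetic error the signer fails to detect."""
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if inject_fault:
        sp ^= 1                       # wrong mod p, still correct mod q
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return sq + h * key["q"]


def verify(m, s, n, e):
    """Public-key check; this is what the TLS client does on ServerKeyExchange."""
    return pow(s, e, n) == m


def lenstra_recover(n, e, m, s_faulty):
    """Lenstra's attack. s_faulty is correct mod q but wrong mod p, so
    s^e - m is divisible by q and not by p; the gcd with n yields q."""
    f = gcd((pow(s_faulty, e, n) - m) % n, n)
    if f in (1, n):
        return None                   # signature was correct, or unlucky input
    return tuple(sorted((f, n // f)))


def sign_crt_checked(m, key, inject_fault=False):
    """Countermeasure (assumed here, not the vendor's code): verify with the
    public key before releasing the signature; return None rather than leak."""
    s = sign_crt(m, key, inject_fault)
    if not verify(m, s, key["n"], key["e"]):
        return None
    return s


# In TLS 1.2 the server signs client_random || server_random || ServerDHParams,
# all sent in the clear, so a passive observer holds both m and the signature.
SKE_DATA = b"client_random|server_random|dh_p,dh_g,dh_Ys"   # constructed stand-in


def demo():
    key = make_crt_key(P, Q, E)
    m = message_representative(SKE_DATA, key["n"])
    good = sign_crt(m, key)
    bad = sign_crt(m, key, inject_fault=True)
    return {
        "good_verifies": verify(m, good, key["n"], key["e"]),
        "bad_verifies": verify(m, bad, key["n"], key["e"]),
        "recovered": lenstra_recover(key["n"], key["e"], m, bad),
        "checked_signer_leaks": sign_crt_checked(m, key, inject_fault=True) is not None,
    }


if __name__ == "__main__":
    r = demo()
    print("faulty signature passes verification:", r["bad_verifies"])
    print("private factors recovered from it:", r["recovered"] == (P, Q))
    print("checked signer released the faulty value:", r["checked_signer_leaks"])
```

The point of `sign_crt_checked` is that the check uses only the public exponent, so it costs one extra modular exponentiation with a small `e` and converts a key-leaking fault into a failed handshake. A signer that cannot afford even that should at least never emit a CRT result it has not validated, since a single faulty signature on the wire is sufficient for recovery.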

Impact:   A remote user can obtain private keys on the target system.
Solution:   The vendor has issued a fix (version 6.2.1; see RSA advisory ESA-2016-013).
Cause:   Exception handling error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]
