Category:   Application (VPN)  >   GnuTLS Vendors:
GnuTLS TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
SecurityTracker Alert ID:  1028086
SecurityTracker URL:
CVE Reference:   CVE-2013-1619
Date:  Feb 6 2013
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): prior to versions 2.12.23, 3.0.28, 3.1.7
Description:   A vulnerability was reported in GnuTLS. A remote user can recover plaintext in certain cases.

A user with low-latency access to the target system's network can send specially crafted encrypted data and monitor the response timing to determine the plaintext contents of the data. For certain message lengths where the HMAC-SHA1 MAC algorithm is used, TLS messages containing at least two bytes of correct padding will be processed slightly faster than TLS messages containing one byte of correct padding or padding that is incorrectly formatted. By analyzing the timing variations over a large number of connections, the original plaintext can be determined.
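
The timing difference described above follows from how many SHA-1 compression calls HMAC-SHA1 needs for the bytes that remain once padding is stripped. The Python model below is an added example, not code from this advisory or from GnuTLS; the function names and the constructed 64-byte records are assumptions, and `uniform_mac_work` is a simplified model of a countermeasure, not the vendor's fix.

```python
SHA1_BLOCK = 64    # bytes consumed per SHA-1 compression call
SHA1_DIGEST = 20   # HMAC-SHA1 tag length in a TLS record
SHA1_MIN_PAD = 9   # SHA-1 appends 0x80 plus an 8-byte length
MAC_HEADER = 13    # seq_num(8) + type(1) + version(2) + length(2)

def sha1_calls(n):
    """Compression calls SHA-1 makes to hash n bytes."""
    return -(-(n + SHA1_MIN_PAD) // SHA1_BLOCK)

def hmac_sha1_calls(msg_len):
    """Inner hash covers key block + message; outer covers key block + digest."""
    return sha1_calls(SHA1_BLOCK + msg_len) + sha1_calls(SHA1_BLOCK + SHA1_DIGEST)

def valid_pad_len(plaintext):
    """Bytes of TLS CBC padding (length byte included), or 0 if malformed."""
    p = plaintext[-1]
    total = p + 1
    if total + SHA1_DIGEST > len(plaintext):
        return 0
    return total if plaintext[-total:] == bytes([p]) * total else 0

def naive_mac_work(plaintext):
    """MAC cost when only the bytes left after padding removal are hashed."""
    data_len = len(plaintext) - SHA1_DIGEST - valid_pad_len(plaintext)
    return hmac_sha1_calls(MAC_HEADER + data_len)

def uniform_mac_work(plaintext):
    """Simplified countermeasure model: always pay for the longest possible
    message, so the cost depends only on the record length."""
    return hmac_sha1_calls(MAC_HEADER + len(plaintext) - SHA1_DIGEST)

# Constructed 64-byte decrypted records (four AES blocks); filler is arbitrary.
SAMPLES = {
    "two bytes of correct padding": b"A" * 62 + b"\x01\x01",
    "one byte of correct padding": b"A" * 63 + b"\x00",
    "malformed padding": b"A" * 62 + b"\x05\x01",
}

def compare():
    """Map each sample to (naive calls, uniform calls)."""
    return {name: (naive_mac_work(r), uniform_mac_work(r)) for name, r in SAMPLES.items()}

if __name__ == "__main__":
    for name, (naive, uniform) in compare().items():
        print(f"{name:30s} naive={naive} uniform={uniform}")
```

In the naive model only the record with two bytes of correct padding costs 4 compression calls instead of 5, which is the per-record difference the advisory describes; the uniform model makes the cost depend on record length alone.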

This attack is known as the 'Lucky Thirteen' attack.

The vulnerability resides in the TLS/DTLS protocol specification.

The original advisory is available at:

Nadhem J. AlFardan and Kenneth G. Paterson of the Information Security Group, Royal Holloway, University of London, reported this vulnerability.

Impact:   A remote user can recover plaintext.
Solution:   The vendor has issued a fix (2.12.23, 3.0.28, 3.1.7).

The vendor's advisory is available at:

Vendor URL:
Cause:   Access control error, State error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Mar 4 2013 (Red Hat Issues Fix) GnuTLS TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Red Hat has issued a fix for Red Hat Enterprise Linux 5 and 6.
Sep 30 2013 (Oracle Issues Fix for Solaris) GnuTLS TLS/DTLS CBC Mode Oracle Padding Lets Remote Users Recover Plaintext
Oracle has issued a fix for Solaris 10 and 11.1.
