CVE-2013-0169


Severity : Low
Published : 2013-02-08
Modified : 2014-10-04
Base Score : 2.6
Details : The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Product/Version :  
Per http://www.openssl.org/news/vulnerabilities.html:  
Fixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)  
Fixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0)  
Fixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)  
 
 
Pro 5.0  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
CGE 5.x  
Mobilinux 5.x  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Carrier Grade CGE 6.0  
Carrier Grade CGE 6.0  
 
 
 


CVE Vulnerabilities List CVE-2013
CVE-2013-6383CVE-2013-5211CVE-2013-4788CVE-2013-4588
CVE-2013-4548CVE-2013-4512CVE-2013-4496CVE-2013-4470
CVE-2013-4458CVE-2013-4408CVE-2013-4387CVE-2013-4342
CVE-2013-4332CVE-2013-4244CVE-2013-4243CVE-2013-4237
CVE-2013-4232CVE-2013-4231CVE-2013-4162CVE-2013-4124
CVE-2013-4113CVE-2013-3235CVE-2013-3229CVE-2013-3224
CVE-2013-3222CVE-2013-2893CVE-2013-2892CVE-2013-2889
CVE-2013-2888CVE-2013-2851CVE-2013-2777CVE-2013-2237
CVE-2013-2234CVE-2013-2232CVE-2013-2206CVE-2013-2164
CVE-2013-2147CVE-2013-2141CVE-2013-2128CVE-2013-2116
CVE-2013-2066CVE-2013-2063CVE-2013-2062CVE-2013-2005
CVE-2013-2004CVE-2013-2003CVE-2013-2002CVE-2013-2001
CVE-2013-1998CVE-2013-1997CVE-2013-1996CVE-2013-1995
CVE-2013-1992CVE-2013-1991CVE-2013-1990CVE-2013-1989
CVE-2013-1988CVE-2013-1987CVE-2013-1986CVE-2013-1985
CVE-2013-1984CVE-2013-1983CVE-2013-1982CVE-2013-1981
CVE-2013-1961CVE-2013-1960CVE-2013-1944CVE-2013-1943
CVE-2013-1940CVE-2013-1928CVE-2013-1914CVE-2013-1862
CVE-2013-1860CVE-2013-1827CVE-2013-1796CVE-2013-1776
CVE-2013-1775CVE-2013-1774CVE-2013-1619CVE-2013-0914
CVE-2013-0871CVE-2013-0349CVE-2013-0343CVE-2013-0338
CVE-2013-0310CVE-2013-0309CVE-2013-0292CVE-2013-0268
CVE-2013-0242CVE-2013-0223CVE-2013-0222CVE-2013-0221
CVE-2013-0189CVE-2013-0169CVE-2013-0166