CVE-2013-0169


Severity : Low
Published : 2013-02-08
Modified : 2015-03-26
Base Score : 2.6
Details : The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
Product/Version :  
Per http://www.openssl.org/news/vulnerabilities.html:  
Fixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1)  
Fixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0)  
Fixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)  
 
 
Pro 5.0  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
CGE 5.x  
Mobilinux 5.x  
Pro 5.0  
CGE 5.x  
Mobilinux 5.x  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Carrier Grade CGE 6.0  
Carrier Grade CGE 6.0  
 
 
 


CVE Vulnerabilities List CVE-2013
CVE-2013-6383CVE-2013-5211CVE-2013-4788CVE-2013-4588
CVE-2013-4548CVE-2013-4545CVE-2013-4512CVE-2013-4496
CVE-2013-4470CVE-2013-4458CVE-2013-4408CVE-2013-4387
CVE-2013-4342CVE-2013-4332CVE-2013-4244CVE-2013-4243
CVE-2013-4237CVE-2013-4232CVE-2013-4231CVE-2013-4162
CVE-2013-4124CVE-2013-4113CVE-2013-3235CVE-2013-3229
CVE-2013-3224CVE-2013-3222CVE-2013-2893CVE-2013-2892
CVE-2013-2889CVE-2013-2888CVE-2013-2851CVE-2013-2777
CVE-2013-2237CVE-2013-2236CVE-2013-2234CVE-2013-2232
CVE-2013-2206CVE-2013-2174CVE-2013-2164CVE-2013-2147
CVE-2013-2141CVE-2013-2128CVE-2013-2116CVE-2013-2066
CVE-2013-2063CVE-2013-2062CVE-2013-2005CVE-2013-2004
CVE-2013-2003CVE-2013-2002CVE-2013-2001CVE-2013-1998
CVE-2013-1997CVE-2013-1996CVE-2013-1995CVE-2013-1992
CVE-2013-1991CVE-2013-1990CVE-2013-1989CVE-2013-1988
CVE-2013-1987CVE-2013-1986CVE-2013-1985CVE-2013-1984
CVE-2013-1983CVE-2013-1982CVE-2013-1981CVE-2013-1961
CVE-2013-1960CVE-2013-1944CVE-2013-1943CVE-2013-1940
CVE-2013-1928CVE-2013-1914CVE-2013-1862CVE-2013-1860
CVE-2013-1827CVE-2013-1796CVE-2013-1776CVE-2013-1775
CVE-2013-1774CVE-2013-1619CVE-2013-0914CVE-2013-0871
CVE-2013-0349CVE-2013-0343CVE-2013-0338CVE-2013-0310
CVE-2013-0309CVE-2013-0292CVE-2013-0268CVE-2013-0242
CVE-2013-0223CVE-2013-0222CVE-2013-0221CVE-2013-0189
CVE-2013-0169CVE-2013-0166