CVE-2013-2566
CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.htmlhttp://cr.yp.to/talks/2013.03.12/slides.pdfhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://marc.info/?l=bugtraq&m=143039468003789&w=2http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4http://security.gentoo.org/glsa/glsa-201406-19.xmlhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888https://security.gentoo.org/glsa/201504-01http://www.isg.rhul.ac.uk/tls/http://www.mozilla.org/security/announce/2013/mfsa2013-103.htmlhttp://www.opera.com/docs/changelogs/unified/1215/