Detections
Analytics

CVE-2015-2808

critical

Description

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

References

https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf

https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709

https://security.gentoo.org/glsa/201512-10

https://kb.juniper.net/JSA10783

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm

http://www.ubuntu.com/usn/USN-2706-1

http://www.ubuntu.com/usn/USN-2696-1

http://www.securitytracker.com/id/1036222

http://www.securitytracker.com/id/1033769

http://www.securitytracker.com/id/1033737

http://www.securitytracker.com/id/1033432

http://www.securitytracker.com/id/1033431

http://www.securitytracker.com/id/1033415

http://www.securitytracker.com/id/1033386

http://www.securitytracker.com/id/1033072

http://www.securitytracker.com/id/1033071

http://www.securitytracker.com/id/1032990

http://www.securitytracker.com/id/1032910

http://www.securitytracker.com/id/1032868

http://www.securitytracker.com/id/1032858

http://www.securitytracker.com/id/1032788

http://www.securitytracker.com/id/1032734

http://www.securitytracker.com/id/1032708

http://www.securitytracker.com/id/1032707

http://www.securitytracker.com/id/1032600

http://www.securitytracker.com/id/1032599

http://www.securityfocus.com/bid/91787

http://www.securityfocus.com/bid/73684

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.huawei.com/en/psirt/security-advisories/hw-454055

http://www.debian.org/security/2015/dsa-3339

http://www.debian.org/security/2015/dsa-3316

http://www-304.ibm.com/support/docview.wss?uid=swg21960769

http://www-304.ibm.com/support/docview.wss?uid=swg21960015

http://www-304.ibm.com/support/docview.wss?uid=swg21903565

http://www-01.ibm.com/support/docview.wss?uid=swg21883640

http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892

http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888

http://rhn.redhat.com/errata/RHSA-2015-1526.html

http://rhn.redhat.com/errata/RHSA-2015-1243.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1230.html

http://rhn.redhat.com/errata/RHSA-2015-1229.html

http://rhn.redhat.com/errata/RHSA-2015-1228.html

http://rhn.redhat.com/errata/RHSA-2015-1091.html

http://rhn.redhat.com/errata/RHSA-2015-1021.html

http://rhn.redhat.com/errata/RHSA-2015-1020.html

http://rhn.redhat.com/errata/RHSA-2015-1007.html

http://rhn.redhat.com/errata/RHSA-2015-1006.html

http://marc.info/?l=bugtraq&m=144493176821532&w=2

http://marc.info/?l=bugtraq&m=144104565600964&w=2

http://marc.info/?l=bugtraq&m=144104533800819&w=2

http://marc.info/?l=bugtraq&m=144102017024820&w=2

http://marc.info/?l=bugtraq&m=144069189622016&w=2

http://marc.info/?l=bugtraq&m=144060606031437&w=2

http://marc.info/?l=bugtraq&m=144060576831314&w=2

http://marc.info/?l=bugtraq&m=144059703728085&w=2

http://marc.info/?l=bugtraq&m=144059660127919&w=2

http://marc.info/?l=bugtraq&m=144043644216842&w=2

http://marc.info/?l=bugtraq&m=143818140118771&w=2

http://marc.info/?l=bugtraq&m=143817899717054&w=2

http://marc.info/?l=bugtraq&m=143817021313142&w=2

http://marc.info/?l=bugtraq&m=143741441012338&w=2

http://marc.info/?l=bugtraq&m=143629696317098&w=2

http://marc.info/?l=bugtraq&m=143456209711959&w=2

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034

https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/

Details

Source: Mitre, NVD

Published: 2015-04-01

Updated: 2025-04-12

Named Vulnerability: BarMitzvah

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.4884