CVE-2015-2808

MEDIUM

Description

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

References

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

http://marc.info/?l=bugtraq&m=143456209711959&w=2

http://marc.info/?l=bugtraq&m=143629696317098&w=2

http://marc.info/?l=bugtraq&m=143741441012338&w=2

http://marc.info/?l=bugtraq&m=143817021313142&w=2

http://marc.info/?l=bugtraq&m=143817899717054&w=2

http://marc.info/?l=bugtraq&m=143818140118771&w=2

http://marc.info/?l=bugtraq&m=144043644216842&w=2

http://marc.info/?l=bugtraq&m=144059660127919&w=2

http://marc.info/?l=bugtraq&m=144059703728085&w=2

http://marc.info/?l=bugtraq&m=144060576831314&w=2

http://marc.info/?l=bugtraq&m=144060606031437&w=2

http://marc.info/?l=bugtraq&m=144069189622016&w=2

http://marc.info/?l=bugtraq&m=144102017024820&w=2

http://marc.info/?l=bugtraq&m=144104533800819&w=2

http://marc.info/?l=bugtraq&m=144104565600964&w=2

http://marc.info/?l=bugtraq&m=144493176821532&w=2

http://rhn.redhat.com/errata/RHSA-2015-1006.html

http://rhn.redhat.com/errata/RHSA-2015-1007.html

http://rhn.redhat.com/errata/RHSA-2015-1020.html

http://rhn.redhat.com/errata/RHSA-2015-1021.html

http://rhn.redhat.com/errata/RHSA-2015-1091.html

http://rhn.redhat.com/errata/RHSA-2015-1228.html

http://rhn.redhat.com/errata/RHSA-2015-1229.html

http://rhn.redhat.com/errata/RHSA-2015-1230.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1243.html

http://rhn.redhat.com/errata/RHSA-2015-1526.html

http://www.debian.org/security/2015/dsa-3316

http://www.debian.org/security/2015/dsa-3339

http://www.huawei.com/en/psirt/security-advisories/hw-454055

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/73684

http://www.securityfocus.com/bid/91787

http://www.securitytracker.com/id/1032599

http://www.securitytracker.com/id/1032600

http://www.securitytracker.com/id/1032707

http://www.securitytracker.com/id/1032708

http://www.securitytracker.com/id/1032734

http://www.securitytracker.com/id/1032788

http://www.securitytracker.com/id/1032858

http://www.securitytracker.com/id/1032868

http://www.securitytracker.com/id/1032910

http://www.securitytracker.com/id/1032990

http://www.securitytracker.com/id/1033071

http://www.securitytracker.com/id/1033072

http://www.securitytracker.com/id/1033386

http://www.securitytracker.com/id/1033415

http://www.securitytracker.com/id/1033431

http://www.securitytracker.com/id/1033432

http://www.securitytracker.com/id/1033737

http://www.securitytracker.com/id/1033769

http://www.securitytracker.com/id/1036222

http://www.ubuntu.com/usn/USN-2696-1

http://www.ubuntu.com/usn/USN-2706-1

http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888

http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892

http://www-01.ibm.com/support/docview.wss?uid=swg21883640

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm

http://www-304.ibm.com/support/docview.wss?uid=swg21903565

http://www-304.ibm.com/support/docview.wss?uid=swg21960015

http://www-304.ibm.com/support/docview.wss?uid=swg21960769

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650

https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888

https://kb.juniper.net/JSA10783

https://kc.mcafee.com/corporate/index?page=content&id=SB10163

https://security.gentoo.org/glsa/201512-10

https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf

https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709

Details

Source: MITRE

Published: 2015-04-01

Updated: 2018-01-18

Type: CWE-310

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM