1.0.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

libtomcrypt

NVD

Published: 2005-05-16

Updated: 2017-07-11

Summary

A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key.

Vulnerable Configurations

Part	Description	Count
Application	Libtomcrypt Libtomcrypt Libtomcrypt 1.0 Libtomcrypt Libtomcrypt 1.0.1 Libtomcrypt Libtomcrypt 1.0.2	3

References

http://secunia.com/advisories/15233
http://www.osvdb.org/16188
http://www.securiteam.com/unixfocus/5JP092AFPG.html
http://www.securityfocus.com/bid/13473
http://www.securityfocus.org/archive/1/397649
https://exchange.xforce.ibmcloud.com/vulnerabilities/20455