Vulnerability Name:

CVE-2016-1494 (CCN-109722)

Assigned:2016-01-04
Published:2016-01-04
Updated:2019-05-31
Summary:The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2016-1494

Source: FEDORA
Type: Third Party Advisory
FEDORA-2016-70edfbbcef

Source: FEDORA
Type: Third Party Advisory
FEDORA-2016-c845706426

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2016:0108

Source: CCN
Type: IBM Security Bulletin T1024409 (PowerKVM)
A vulnerability in Python-RSA affects PowerKVM (CVE-2016-1494)

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20160105 CVE Request: python-rsa signature forgery

Source: CCN
Type: oss-sec Mailing List, Mon, 4 Jan 2016 20:30:47 -0500 (EST)
Re: CVE Request: python-rsa signature forgery

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20160104 Re: CVE Request: python-rsa signature forgery

Source: BID
Type: Third Party Advisory, VDB Entry
79829

Source: CCN
Type: BID-79829
Python-RSA CVE-2016-1494 Security Bypass Vulnerability

Source: CCN
Type: python-rsa - BitBucket Web site
[security] Fix BB'06 attack in verify() by switching from parsing to comparison

Source: CONFIRM
Type: Patch, Third Party Advisory
https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff

Source: MISC
Type: Exploit, Third Party Advisory
https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/

Source: XF
Type: UNKNOWN
python-rsa-cve20161494-spoofing(109722)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-1494

Vulnerable Configuration:Configuration 1:
  • cpe:/a:python:rsa:*:*:*:*:*:python:*:* (Version < 3.3)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:23:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:python-rsa_project:python-rsa:3.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:powerkvm:3.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20161494
    V
    		CVE-2016-1494
    2022-05-20
    oval:org.opensuse.security:def:39370
    P
    		Security update for php5 (Moderate)
    2021-08-23
    oval:org.opensuse.security:def:13920
    P
    		libksba8-1.3.0-23.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13822
    P
    		ft2demos-2.6.3-7.8.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13985
    P
    		mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14177
    P
    		java-1_8_0-openjdk-1.8.0.131-26.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14097
    P
    		busybox-1.21.1-3.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14828
    P
    		apache-commons-httpclient-3.1-4.364 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13852
    P
    		jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13967
    P
    		libtiff5-32bit-4.0.6-26.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14166
    P
    		hardlink-1.0-6.38 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14004
    P
    		perl-HTML-Parser-3.71-1.145 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14190
    P
    		libX11-6-1.6.2-11.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14122
    P
    		dosfstools-3.0.26-6.5 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13830
    P
    		git-core-1.8.5.6-18.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14850
    P
    		chrony-2.3-5.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:38311
    P
    		libjpeg62-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38690
    P
    		libksba8 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38530
    P
    		yast2-users on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37841
    P
    		libIlmImf-Imf_2_1-21 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38062
    P
    		shadow on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37829
    P
    		java-1_8_0-openjdk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38579
    P
    		dnsmasq on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38221
    P
    		ibus-chewing on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38646
    P
    		libXp6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38471
    P
    		rpm-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37830
    P
    		kbd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:39328
    P
    		Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:37925
    P
    		libnetpbm11 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38163
    P
    		cyrus-sasl on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38618
    P
    		gzip on GA media (Moderate)
    2020-12-01
    oval:com.ubuntu.artful:def:20161494000
    V
    		CVE-2016-1494 on Ubuntu 17.10 (artful) - medium.
    2016-01-13
    oval:com.ubuntu.bionic:def:20161494000
    V
    		CVE-2016-1494 on Ubuntu 18.04 LTS (bionic) - medium.
    2016-01-13
    oval:com.ubuntu.bionic:def:201614940000000
    V
    		CVE-2016-1494 on Ubuntu 18.04 LTS (bionic) - medium.
    2016-01-13
    oval:com.ubuntu.trusty:def:20161494000
    V
    		CVE-2016-1494 on Ubuntu 14.04 LTS (trusty) - medium.
    2016-01-13
    oval:com.ubuntu.xenial:def:201614940000000
    V
    		CVE-2016-1494 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-01-13
    oval:com.ubuntu.xenial:def:20161494000
    V
    		CVE-2016-1494 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-01-13
    BACK
    python rsa *
    fedoraproject fedora 22
    fedoraproject fedora 23
    opensuse leap 42.1
    opensuse opensuse 13.1
    opensuse opensuse 13.2
    python-rsa_project python-rsa 3.2
    ibm powerkvm 3.1