Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue,  2 Feb 2016 14:36:06 -0500 (EST)
From: cve-assign@...re.org
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Re: Socat security advisory 7 - Created new 2048bit DH modulus

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>   In the OpenSSL address implementation the hard coded 1024 bit DH p
>   parameter was not prime. The effective cryptographic strength of a key
>   exchange using these parameters was weaker than the one one could get by
>   using a prime p. Moreover, since there is no indication of how these
>   parameters were chosen, the existence of a trapdoor that makes possible
>   for an eavesdropper to recover the shared secret from a key exchange that
>   uses them cannot be ruled out.

This was sent to the oss-security list as a published advisory, not as
a CVE ID request. We would expect that one or more parties (e.g.,
Linux distributions) are planning to re-announce this to a different
audience in a way that would make at least one CVE ID especially
useful. Our question is about whether anyone needs two CVE IDs.

A CVE ID must be for a specific vulnerability (although we realize
that the CVE ID may often be used to track the update). Here, there
can be a CVE ID for the "was not prime" finding in the sense that p is
supposed to be prime, and a non-prime value is an implementation error
regardless of any other details of the situation. With the currently
published information, we do not see a way to generate a second CVE ID
for something related to "no indication of how these parameters were
chosen" or "cannot be ruled out."

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWsQPKAAoJEL54rhJi8gl57rMQAJdoD4DfUlHFbSupu548iP0N
3c7E8nb497rmUP6cpA/TiTECHvgglIINK/xQ8a5Eb3dBVU9rLoZewwZYyDAnItmp
cfM8F58criX0vycjv8RBh01+ZlZg8pLFNmj5O3Xew/D6qJp/mJfm80P4UE4roThh
Xh/4GgwNpHCMsUyerCmNGVSEkMS/Gf3ixoGWLGWLyquw/mZywM4EdD8qjP1SlLKA
S3nCh+1PO+CtCBNtHzWMpXtc+QD+mUTf/i5MZj9TIMEc4un0lhPLOsVQxOLM2JxG
Bz3xat0oJRyB8wqvIpAiQGYsWFewLhIaB7Fulc4SsLbc//8I4GcX0bb+/rY4/phf
5am4s0WgaXuTAkxQvhOat/scfNxwAjo5D5qkXvDozJmatYDgRN/bj8Q/PI+i6H1E
mahB5IzRwwFkLpFYn5XnzgH8BzHN0mi6iX5b4dbCGBtqa5nRJj2h0R9uxDoosTaV
8qJPzIwduwSQ0C8r5VueUdIRLhDaCoIOo/GpKAzeP/XUPNs1GMwku7WMtp3ihkPK
v7hAIDJkxEX9KNG60ZPX/NpTteuSYLfmQaDWAxAZbW2hG962kbKnUdhwBv7rZD3p
OHsBa6eUZ++f5LO7B/PWRPdt0o00menBizMV2YH8lQL2pPZf4UfoaalgsBaYidxu
Bq/DO1TXK4HnST0rpcSj
=P0EG
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.