[VIM] [CVENEW] New CVE CANs: 2013/03/14 18:00 ; count=1
coley at mitre.org
coley at mitre.org
Thu Mar 14 17:04:32 CDT 2013
======================================================
Name: CVE-2013-2566
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2566
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20130314
Category:
Reference: MISC:http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html
Reference: MISC:http://cr.yp.to/talks/2013.03.12/slides.pdf
Reference: MISC:http://www.isg.rhul.ac.uk/tls/
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has
many single-byte biases, which makes it easier for remote attackers to
conduct plaintext-recovery attacks via statistical analysis of
ciphertext in a large number of sessions that use the same plaintext.
More information about the VIM
mailing list