CVE-2016-1494

MEDIUM LAB

Python-RSA <3.3 - Code Injection

Title source: llm

Description

The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.

Exploits (1)

nomisec WORKING POC 1 stars

by matthiasbe · poc

https://github.com/matthiasbe/secuimag3a

View Code ZIP pw:eip

References (8)

[Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html

[Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/01/05/1

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/01/05/3

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/79829

[Patch, Third Party Advisory] https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff

[Exploit, Third Party Advisory] https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/

Scores

CVSS v3 5.3

EPSS 0.0509

EPSS Percentile 89.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull linode/lamp

https://github.com/matthiasbe/secuimag3a

View in Library

Details

CWE

CWE-20

Status published

Products (7)

fedoraproject/fedora 22

fedoraproject/fedora 23

opensuse/leap 42.1

opensuse/opensuse 13.1

opensuse/opensuse 13.2

pypi/rsa 0 - 3.3PyPI

python/rsa < 3.3

Published Jan 13, 2016

Tracked Since Feb 18, 2026