CVE-2013-0169Improper Restriction of Operations within the Bounds of a Memory Buffer in Openssl

CWE-310CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-125Out-of-bounds ReadCWE-385Covert Timing ChannelCWE-20Improper Input Validation29 documents12 sources
Severity
2.6LOWNVD
EPSS
0.9%
top 23.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Mozilla NSSOpensslOracle Openjdk+2 more
Timeline
PublishedFeb 8
Latest updateMay 14

Description

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages6 packages

Debianopenssl/openssl< 1.0.1e-1+3
NVDopenssl/openssl0.9.80.9.8x+2
NVDoracle/openjdk1.6.0, 1.7.0+1
NVDpolarssl/polarssl17 versions+16
Debianmozilla/nss< 2:3.14.3-1+3

🔴Vulnerability Details

4
GHSA
Improper Input Validation in Bouncy Castle2022-05-14
GHSA
GHSA-pg96-42c4-p633: The TLS protocol 12022-05-05
OSV
CVE-2013-0169: The TLS protocol 12013-02-08
CVEList
CVE-2013-0169: The TLS protocol 12013-02-08

📋Vendor Advisories

14
Palo Alto
PAN-SA-2016-0023 OpenSSL Vulnerabilities2016-09-02
Red Hat
openssl: Padding oracle in AES-NI CBC MAC check2016-05-03
Red Hat
gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)2013-05-29
BSD
FreeBSD-SA-13:03.openssl: OpenSSL multiple vulnerabilities2013-04-02
Ubuntu
OpenSSL vulnerability2013-03-25

💬Community

10
Bugzilla
CVE-2018-0498 CVE-2018-0497 mbedtls: Two critical flaws fixed in latest release2018-08-02
HackerOne
LUCKY13 (CVE-2013-0169) effects legalrobot.com2017-07-30
HackerOne
SSL/TLS Vulnerability at khanacademy.org2017-02-22
HackerOne
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)2016-05-19
Bugzilla
CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check2016-04-28
CVE-2013-0169 — Openssl vulnerability | cvebase