Rewterz Threat Alert – Waterbug Resurfaces with New Tool Kit
June 25, 2019Rewterz Threat Advisory – CVE-2019-1878 – Cisco TelePresence Endpoint Command Shell Injection Vulnerability
June 26, 2019Rewterz Threat Alert – Waterbug Resurfaces with New Tool Kit
June 25, 2019Rewterz Threat Advisory – CVE-2019-1878 – Cisco TelePresence Endpoint Command Shell Injection Vulnerability
June 26, 2019Severity
Medium
Analysis Summary
Add protection for private keys at rest in RAM against speculation
and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and
Rambleed. This change encrypts private keys when they are not in use
with a symmetic key that is derived from a relatively large “prekey”
consisting of random data (currently 16KB).
Impact
Side-Channel Attacks
Affected Vendors
OpenSSH