CVE-2013-6394

Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV), which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:percona:xtrabackup:*:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:percona:xtrabackup:2.1.4:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:59

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-updates/2013-12/msg00052.html - () http://lists.opensuse.org/opensuse-updates/2013-12/msg00052.html -
References () http://lists.opensuse.org/opensuse-updates/2014-02/msg00044.html - () http://lists.opensuse.org/opensuse-updates/2014-02/msg00044.html -
References () http://www.openwall.com/lists/oss-security/2013/11/26/11 - () http://www.openwall.com/lists/oss-security/2013/11/26/11 -
References () http://www.percona.com/doc/percona-xtrabackup/2.1/release-notes/2.1/2.1.6.html - Patch, Vendor Advisory () http://www.percona.com/doc/percona-xtrabackup/2.1/release-notes/2.1/2.1.6.html - Patch, Vendor Advisory

Information

Published : 2013-12-13 18:07

Updated : 2024-11-21 01:59


NVD link : CVE-2013-6394

Mitre link : CVE-2013-6394

CVE.ORG link : CVE-2013-6394


JSON object : View

Products Affected

percona

  • xtrabackup

opensuse

  • opensuse
CWE
CWE-310

Cryptographic Issues