CVE-2013-6394 Information
Feb 14, 2021
cve
Description
Percona XtraBackup before 2.1.6 uses a constant string for the initialization vector (IV) which makes it easier for local users to defeat cryptographic protection mechanisms and conduct plaintext attacks.
Reference
http://lists.opensuse.org/opensuse-updates/2013-12/msg00052.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00044.html http://www.openwall.com/lists/oss-security/2013/11/26/11 http://www.percona.com/doc/percona-xtrabackup/2.1/release-notes/2.1/2.1.6.html
Share on: