Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-2682
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2682

2004-12-3105:00:00
[email protected]
web.nvd.nist.gov
1

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

JSON

PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server’s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (“Karatsuba” and normal), a related issue to CVE-2003-0147.

Affected configurations

NVD
Node
peersec_networksmatrixsslRange1.0

Related

cve 2
cvelist 2
securityvulns 1
debiancve 1
openssl 1
ubuntucve 1
nvd 1
f5 2
openvas 6
redhat 1
osv 1
nessus 6
debian 2
cert 2
oraclelinux 3
cve
cve
CVE-2004-2682
2022-10-03 16:14:14
CVE-2003-0147
2003-03-31 05:00:00
cvelist
cvelist
CVE-2004-2682
2022-10-03 16:14:14
CVE-2003-0147
2003-03-18 05:00:00
securityvulns
securityvulns
[ADVISORY] Timing Attack on OpenSSL
2003-03-18 00:00:00
debiancve
debiancve
CVE-2003-0147
2003-03-31 05:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2003-0147
2003-03-14 00:00:00
ubuntucve
ubuntucve
CVE-2003-0147
2003-03-31 00:00:00
nvd
nvd
CVE-2003-0147
2003-03-31 05:00:00
f5
f5
SOL2355 - Timing attacks on RSA private keys - CAN-2003-0147
2007-05-16 00:00:00
K2355 : Timing attacks on RSA private keys - CAN-2003-0147
2013-03-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 288-1 (openssl)
2008-01-17 00:00:00
OpenSSL: Multiple Vulnerabilities (CVE-2003-0131, CVE-2003-0147) - Linux
2021-08-13 00:00:00
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
redhat
redhat
(RHSA-2003:102) openssl security update
2003-03-31 00:00:00
osv
osv
openssl - several vulnerabilities
2003-04-17 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssl (MDKSA-2003:035)
2004-07-31 00:00:00
RHEL 2.1 : openssl (RHSA-2003:102)
2004-07-06 00:00:00
Debian DSA-288-1 : openssl - several vulnerabilities
2004-09-29 00:00:00
debian
debian
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
cert
cert
Cryptographic libraries and applications do not adequately defend against timing attacks
2003-03-25 00:00:00
Samba contains buffer overflow in SMB/CIFS packet fragment reassembly code
2003-03-17 00:00:00
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

JSON
Related for NVD:CVE-2004-2682
cve2cvelist2securityvulns1debiancve1openssl1ubuntucve1nvd1f52openvas6redhat1osv1nessus6debian2cert2oraclelinux3