Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
opensslOpenSSLOPENSSL:CVE-2003-0131
HistoryMar 19, 2003 - 12:00 a.m.

Vulnerability in OpenSSL CVE-2003-0131

2003-03-1900:00:00
www.openssl.org
25

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%

JSON
The SSL and TLS components allowed remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that caused OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack".
  • Fixed in OpenSSL 0.9.6j (Affected since 0.9.6)
  • Fixed in OpenSSL 0.9.7b (Affected since 0.9.7)

Related

f5 2
debiancve 1
cve 1
cert 1
securityvulns 1
ubuntucve 1
suse 1
nvd 1
cvelist 1
osv 1
openvas 6
nessus 4
debian 2
redhat 1
oraclelinux 3
f5
f5
Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-17 04:00:00
SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-16 00:00:00
debiancve
debiancve
CVE-2003-0131
2003-03-24 05:00:00
cve
cve
CVE-2003-0131
2003-03-24 05:00:00
cert
cert
SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension
2003-04-23 00:00:00
securityvulns
securityvulns
[OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding
2003-03-20 00:00:00
ubuntucve
ubuntucve
CVE-2003-0131
2003-03-24 00:00:00
suse
suse
remote private-key retrieval in openssl
2003-04-04 12:36:38
nvd
nvd
CVE-2003-0131
2003-03-24 05:00:00
cvelist
cvelist
CVE-2003-0131
2003-03-21 05:00:00
osv
osv
openssl - several vulnerabilities
2003-04-17 00:00:00
openvas
openvas
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
Debian Security Advisory DSA 288-1 (openssl)
2008-01-17 00:00:00
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssl (MDKSA-2003:035)
2004-07-31 00:00:00
RHEL 2.1 : openssl (RHSA-2003:102)
2004-07-06 00:00:00
Debian DSA-288-1 : openssl - several vulnerabilities
2004-09-29 00:00:00
debian
debian
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 00:00:00
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
redhat
redhat
(RHSA-2003:102) openssl security update
2003-03-31 00:00:00
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

8.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%

JSON
Related for OPENSSL:CVE-2003-0131
f52debiancve1cve1cert1securityvulns1ubuntucve1suse1nvd1cvelist1osv1openvas6nessus4debian2redhat1oraclelinux3