Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
opensslOpenSSLOPENSSL:CVE-2003-0131
HistoryMar 19, 2003 - 12:00 a.m.

Vulnerability in OpenSSL CVE-2003-0131

2003-03-1900:00:00
www.openssl-library.org
28

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON

The SSL and TLS components allowed remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that caused OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the β€œKlima-Pokorny-Rosa attack”.

Affected configurations

Vulners
Node
opensslopensslRange0.9.6–0.9.6j
OR
opensslopensslRange0.9.7–0.9.7b
VendorProductVersionCPE
opensslopenssl*cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Related

ubuntucve 1
securityvulns 1
debiancve 1
cve 1
f5 2
suse 1
cvelist 1
nvd 1
cert 1
openvas 6
osv 1
redhat 1
nessus 6
debian 2
oraclelinux 3
ubuntucve
ubuntucve
CVE-2003-0131
2003-03-24 00:00:00
securityvulns
securityvulns
[OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding
2003-03-20 00:00:00
debiancve
debiancve
CVE-2003-0131
2003-03-24 05:00:00
cve
cve
CVE-2003-0131
2003-03-24 05:00:00
f5
f5
Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-17 04:00:00
SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-16 00:00:00
suse
suse
remote private-key retrieval in openssl
2003-04-04 12:36:38
cvelist
cvelist
CVE-2003-0131
2003-03-21 05:00:00
nvd
nvd
CVE-2003-0131
2003-03-24 05:00:00
cert
cert
SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension
2003-04-23 00:00:00
openvas
openvas
OpenSSL: Multiple Vulnerabilities (CVE-2003-0131, CVE-2003-0147) - Linux
2021-08-13 00:00:00
Debian Security Advisory DSA 288-1 (openssl)
2008-01-17 00:00:00
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
osv
osv
openssl - several vulnerabilities
2003-04-17 00:00:00
redhat
redhat
(RHSA-2003:102) openssl security update
2003-03-31 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssl (MDKSA-2003:035)
2004-07-31 00:00:00
RHEL 2.1 : openssl (RHSA-2003:102)
2004-07-06 00:00:00
Debian DSA-288-1 : openssl - several vulnerabilities
2004-09-29 00:00:00
debian
debian
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.054

Percentile

93.2%

JSON
Related for OPENSSL:CVE-2003-0131
ubuntucve1securityvulns1debiancve1cve1f52suse1cvelist1nvd1cert1openvas6osv1redhat1nessus6debian2oraclelinux3