17 matches found
SUSE CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
ALPINE-CVE-2018-20187
A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded...
Side-channel Timing Attack
OpenSSL is vulnerable to side-channel timing attacks. These attacks are possible because the Montgomery ladder implementation doesn't run swap operations in constant time which makes it easier for local users to obtain ECDSA nonce values...
Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)
Multiple vulnerabilities has been discovered and corrected in openssl : Race condition in the ssl3readbytes function in s3pkt.c in OpenSSL through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service use-after-free and...
Mandriva Linux Security Advisory : openssl (MDVSA-2014:067)
Updated openssl packages fix security vulnerability : The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attac...
Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
OpenSSL: Information Disclosure
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 as well as a general purpose cryptography library. Description Multiple vulnerabilities have been found in OpenSSL: OpenSSL incorrectly handles memory in the TLS...
OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.1g. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1g advisory. - The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allo...
OpenSSL 1.0.0 < 1.0.0m Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.0m. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.0m advisory. - The dtls1clearqueues function in ssl/d1lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data...
OpenSSL -- Local Information Disclosure
OpenSSL reports: A flaw in the implementation of Montgomery Ladder Approach would create a side-channel that leaks sensitive timing information. A local attacker might be able to snoop a signing process and might recover the signing key from it...
DEBIAN-CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Design/Logic Flaw
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
CVE-2014-0076 concerns the OpenSSL Montgomery ladder implementation. The issue is a timing/side-channel flaw in how certain swap operations are performed, enabling a local attacker to recover ECDSA nonces via a FLUSH+RELOAD cache side-channel. Affected product: OpenSSL up to 1.0.0l (and related O...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...