84 matches found
CVE-2018-0737
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev Affected 1.1.0-1.1.0h...
Xerox WorkCentre 6400 OpenSSL RSA Temporary Key Handling EXPORT_RSA Ciphers Downgrade MitM (XRX15AP) (FREAK)
According to its model number and software version, the remote Xerox WorkCentre 6400 device is affected by a security feature bypass vulnerability, known as FREAK Factoring attack on RSA-EXPORT Keys, due to the support of weak EXPORTRSA cipher suites with keys less than or equal to 512 bits. A...
Mandrake Linux Security Advisory : bind (MDKSA-2006:207)
The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem CVE-2006-4339. BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record...
SUSE-SA:2003:024: openssl
The remote host is missing the patch for the advisory SUSE-SA:2003:024 openssl. Researchers from the University of Stanford have discovered certain weaknesses in OpenSSL's RSA decryption algorithm. It allows remote attackers to compute the private RSA key of a server by observing its timing...