2 matches found
CVE-2004-2682
Affected software: PeerSec MatrixSSL prior to 1.1. Vulnerability: the library does not implement RSA blinding, which enables context-dependent attackers to deduce the server’s private key via timing differences in Montgomery reductions and in the use of different multiplication algorithms (Karatsuba vs. normal). T...
CVE-2004-2681
CVE-2004-2681 affects PeerSec MatrixSSL prior to 1.1. The issue is that session keys are cached for an indefinitely long time, which could allow remote attackers to hijack a session. The supplied documents confirm the vulnerability description but do not provide concrete exploitation details or a...