Lucene search
SuseSUSE-SA:2003:024HistoryApr 04, 2003 - 12:36 p.m.
remote private-key retrieval in openssl
2003-04-0412:36:38
lists.opensuse.org
20
0.054 Low
EPSS
Percentile
92.3%
Researchers from the University of Stanford have discovered certain weaknesses in OpenSSL’s RSA decryption algorithm. It allows remote attackers to compute the private RSA key of a server by observing its timing behavior. This bug has been fixed by enabling “RSA blinding”, by default. Additionally an extension of the “Bleichenbacher attack” has been developed by Czech researchers against OpenSSL. This weakness has also been fixed.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 8.2 | i586 | openssl-devel | < 0.9.6i-12 | openssl-devel-0.9.6i-12.i586.rpm |
| openSUSE | 7.3 | ppc | openssl | < 0.9.6b-150 | openssl-0.9.6b-150.ppc.rpm |
| openSUSE | 7.3 | i386 | openssl-devel | < 0.9.6b-156 | openssl-devel-0.9.6b-156.i386.rpm |
| openSUSE | 7.3 | sparc | openssl | < 0.9.6b-89 | openssl-0.9.6b-89.sparc.rpm |
| openSUSE | 8.1 | i586 | openssl-devel | < 0.9.6g-68 | openssl-devel-0.9.6g-68.i586.rpm |
| openSUSE | 7.3 | ppc | openssl-devel | < 0.9.6b-150 | openssl-devel-0.9.6b-150.ppc.rpm |
| openSUSE | 8.2 | i586 | openssl | < 0.9.6i-12 | openssl-0.9.6i-12.i586.rpm |
| openSUSE | 7.1 | i386 | openssl-devel | < 0.9.6a-81 | openssl-devel-0.9.6a-81.i386.rpm |
| openSUSE | 7.1 | ppc | openssl-devel | < 0.9.6a-31 | openssl-devel-0.9.6a-31.ppc.rpm |
| openSUSE | 8.0 | i386 | openssl-devel | < 0.9.6c-85 | openssl-devel-0.9.6c-85.i386.rpm |
Related
f5
f5
SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-16 00:00:00
Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
2007-05-17 04:00:00
cert
cert
cve
cve
CVE-2003-0131
2003-03-24 05:00:00
debiancve
debiancve
CVE-2003-0131
2003-03-24 05:00:00
securityvulns
securityvulns
[OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding
2003-03-20 00:00:00
ubuntucve
ubuntucve
CVE-2003-0131
2003-03-24 00:00:00
cvelist
cvelist
CVE-2003-0131
2003-03-21 05:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2003-0131
2003-03-19 00:00:00
osv
osv
openssl - several vulnerabilities
2003-04-17 00:00:00
debian
debian
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 06:44:58
[SECURITY] [DSA 288-1] New OpenSSL packages fix decipher vulnerability
2003-04-17 00:00:00
openvas
openvas
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
OpenSSL: Multiple Vulnerabilities (CVE-2003-0131, CVE-2003-0147) - Windows
2021-08-13 00:00:00
HP-UX Update for ApacheStrong HPSBUX00255
2009-05-05 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : openssl (MDKSA-2003:035)
2004-07-31 00:00:00
Debian DSA-288-1 : openssl - several vulnerabilities
2004-09-29 00:00:00
RHEL 2.1 : openssl (RHSA-2003:102)
2004-07-06 00:00:00
redhat
redhat
(RHSA-2003:102) openssl security update
2003-03-31 00:00:00
oraclelinux
oraclelinux
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2019-03-13 00:00:00
openssl security update
2019-08-16 00:00:00