- Home
- CVEs with nessus.description==Researchers discovered two flaws in OpenSSL, a Secure Socket Layer
(SSL) library and related cryptographic tools. Applications that are
linked against this library are generally vulnerable to attacks that
could leak the server's private key or make the encrypted session
decryptable otherwise. The Common Vulnerabilities and Exposures (CVE)
project identified the following vulnerabilities :
CAN-2003-0147 OpenSSL does not use RSA blinding by default, which
allows local and remote attackers to obtain the server's private key.
CAN-2003-0131 The SSL allows remote attackers to perform an
unauthorized RSA private key operation that causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top