Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2003-0147
Vulnerability from cvelistv5
Published
2003-03-18 05:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T01:43:35.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-288", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2003/dsa-288", }, { name: "RHSA-2003:101", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { name: "RHSA-2003:102", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20030317.txt", }, { name: "GLSA-200303-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { name: "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "APPLE-SA-2003-03-24", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "20030317 [ADVISORY] Timing Attack on OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { name: "CSSA-2003-014.0", tags: [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred", ], url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { name: "MDKSA-2003:035", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { name: "GLSA-200303-23", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { name: "oval:org.mitre.oval:def:466", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { name: "OpenPKG-SA-2003.019", tags: [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred", ], url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { name: "GLSA-200303-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { name: "IMNX-2003-7+-001-01", tags: [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030327 Immunix Secured OS 7+ openssl update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030501-01-I", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "20030313 Vulnerability in OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { name: "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { name: "CLA-2003:625", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { name: "VU#997481", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/997481", }, { name: "20030313 OpenSSL Private Key Disclosure", tags: [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2003-03-14T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "DSA-288", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2003/dsa-288", }, { name: "RHSA-2003:101", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { name: "RHSA-2003:102", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20030317.txt", }, { name: "GLSA-200303-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { name: "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "APPLE-SA-2003-03-24", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "20030317 [ADVISORY] Timing Attack on OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { name: "CSSA-2003-014.0", tags: [ "vendor-advisory", "x_refsource_CALDERA", ], url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { name: "MDKSA-2003:035", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { tags: [ "x_refsource_MISC", ], url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { name: "GLSA-200303-23", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { name: "oval:org.mitre.oval:def:466", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { name: "OpenPKG-SA-2003.019", tags: [ "vendor-advisory", "x_refsource_OPENPKG", ], url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { name: "GLSA-200303-24", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { name: "IMNX-2003-7+-001-01", tags: [ "vendor-advisory", "x_refsource_IMMUNIX", ], url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030327 Immunix Secured OS 7+ openssl update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030501-01-I", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "20030313 Vulnerability in OpenSSL", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { name: "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { name: "CLA-2003:625", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { name: "VU#997481", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/997481", }, { name: "20030313 OpenSSL Private Key Disclosure", tags: [ "mailing-list", "x_refsource_VULNWATCH", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-288", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-288", }, { name: "RHSA-2003:101", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { name: "RHSA-2003:102", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { name: "http://www.openssl.org/news/secadv_20030317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { name: "GLSA-200303-15", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { name: "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "APPLE-SA-2003-03-24", refsource: "APPLE", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "20030317 [ADVISORY] Timing Attack on OpenSSL", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { name: "CSSA-2003-014.0", refsource: "CALDERA", url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { name: "MDKSA-2003:035", refsource: "MANDRAKE", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { name: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", refsource: "MISC", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { name: "GLSA-200303-23", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { name: "oval:org.mitre.oval:def:466", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { name: "OpenPKG-SA-2003.019", refsource: "OPENPKG", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { name: "GLSA-200303-24", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { name: "IMNX-2003-7+-001-01", refsource: "IMMUNIX", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030327 Immunix Secured OS 7+ openssl update", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030501-01-I", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "20030313 Vulnerability in OpenSSL", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { name: "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { name: "CLA-2003:625", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { name: "VU#997481", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/997481", }, { name: "20030313 OpenSSL Private Key Disclosure", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-0147", datePublished: "2003-03-18T05:00:00", dateReserved: "2003-03-14T00:00:00", dateUpdated: "2024-08-08T01:43:35.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2003-0147\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2003-03-31T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\\\"Karatsuba\\\" and normal).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F74941A0-97CA-44D4-B55B-9224F051D40F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CCF640-211C-4EC0-9F41-68F5B39CA3F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6ADD463-E918-4F4D-9FA7-D109EBC98BD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E4742C-A983-4F00-B24F-AB280C0E876D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0628DF-3A4C-4078-B615-22260671EABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"962FCB86-15AD-4399-8B7D-EC1DEA919C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180D07AE-C571-4DD6-837C-43E2A946007A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90789533-C741-4B1C-A24B-2C77B9E4DE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1520065B-46D7-48A4-B9D0-5B49F690C5B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45A518E8-21BE-4C5C-B425-410AB1208E9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E79A05-64F3-4397-952C-A5BB950C967D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400FE849-D547-44DE-B06F-5B68E5B20E07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B256301B-9C6A-4BA6-8318-675C0EF4C316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC33DAEE-8F51-404F-B5C4-B8A30B467E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCDC66D-3BF5-4763-8877-38B0D3326E62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75772E28-BD93-4981-96FA-CDF41DAF65AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2415230E-4F66-4DDE-9E34-F685E8F4085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5121749D-3E19-4A9B-8C2D-84420A4E289B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E14DE44-69E6-4D0E-AD06-A829AFCDE528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D5B202D-D93D-4E33-BC9F-DA44B727C0B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D49F98-9A24-464A-8695-58218C14B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADFFE78D-90EC-46C6-B215-2EADD9E0D146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6132108C-C344-4ABC-AF40-1925830A6723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F16BDA03-BFAB-4839-A83A-370865928225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC396CE-FDA7-480C-9E94-1A26B7FB208E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7B30722-13DD-41C5-9CFA-0719B351CF46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"722BA04D-BA9B-427C-B129-06EFEC3F2859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2891FF7D-E62E-47F4-8873-1E4066247348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A129110-60C1-46FC-9817-6E3802ADB389\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104766550528628&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104792570615648&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104819602408063&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104829040921835&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104861762028637&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2003/dsa-288\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/997481\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openssl.org/news/secadv_20030317.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-101.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-102.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/316165/30/25370/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/316165/30/25370/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/316577/30/25310/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/316577/30/25310/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104766550528628&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104792570615648&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104819602408063&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104829040921835&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=104861762028637&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2003/dsa-288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/997481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openssl.org/news/secadv_20030317.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2003-102.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/316165/30/25370/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/316165/30/25370/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/316577/30/25310/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/316577/30/25310/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.\",\"lastModified\":\"2007-03-14T00:00:00\"}]}}", }, }
rhsa-2003:102
Vulnerability from csaf_redhat
Published
2003-03-31 12:00
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
[Updated 30 May 2003]
Added missing i686 packages.
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols, and provides a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa
attack) uses a large number of SSL or TLS connections using PKCS #1 v1.5
padding to cause OpenSSL to leak information regarding the relationship
between ciphertext and the associated plaintext.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, and protects against the
Klima-Pokorny-Rosa attack.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or,
alternatively, reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.\n\n[Updated 30 May 2003]\nAdded missing i686 packages.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit that\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols, and provides a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding.\n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa\nattack) uses a large number of SSL or TLS connections using PKCS #1 v1.5\npadding to cause OpenSSL to leak information regarding the relationship\nbetween ciphertext and the associated plaintext.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, and protects against the\nKlima-Pokorny-Rosa attack.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or,\nalternatively, reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:102", url: "https://access.redhat.com/errata/RHSA-2003:102", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86206", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_102.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:42:57+00:00", generator: { date: "2024-11-21T22:42:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:102", initial_release_date: "2003-03-31T12:00:00+00:00", revision_history: [ { date: "2003-03-31T12:00:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-31T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
RHSA-2003:116
Vulnerability from csaf_redhat
Published
2003-03-28 13:43
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: apache, openssl security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold 4 are available to fix a
number of vulnerabilities in OpenSSL and Apache.
Details
Stronghold 4 contains various open source technologies such as OpenSSL and
Apache. A number of issues have been found in versions of these projects:
Researchers discovered a timing attack on RSA keys that affects OpenSSL.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
Stronghold does not enable RSA blinding by default and is, therefore,
vulnerable to this attack.
The SSL and TLS components for OpenSSL allow remote attackers to perform an
unauthorized RSA private key operation via a modified Bleichenbacher
attack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a
large number of SSL or TLS connections, using PKCS #1 v1.5 padding, and
causes OpenSSL to leak information regarding the relationship between
ciphertext and the associated plaintext.
Versions of Apache 1.3 before 1.3.25 do not filter terminal escape
sequences from access logs, which could make it easier for attackers to
insert those sequences into terminal emulators containing vulnerabilities
related to escape sequences.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, thereby protecting against the
Klima-Pokorny-Rosa attack, and a patch to filter escape sequences from
Apache access logs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold 4 are available to fix a\nnumber of vulnerabilities in OpenSSL and Apache.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains various open source technologies such as OpenSSL and\nApache. A number of issues have been found in versions of these projects:\n\nResearchers discovered a timing attack on RSA keys that affects OpenSSL. \nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\nStronghold does not enable RSA blinding by default and is, therefore,\nvulnerable to this attack.\n\nThe SSL and TLS components for OpenSSL allow remote attackers to perform an\nunauthorized RSA private key operation via a modified Bleichenbacher\nattack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a\nlarge number of SSL or TLS connections, using PKCS #1 v1.5 padding, and\ncauses OpenSSL to leak information regarding the relationship between\nciphertext and the associated plaintext.\n\nVersions of Apache 1.3 before 1.3.25 do not filter terminal escape\nsequences from access logs, which could make it easier for attackers to\ninsert those sequences into terminal emulators containing vulnerabilities\nrelated to escape sequences.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, thereby protecting against the\nKlima-Pokorny-Rosa attack, and a patch to filter escape sequences from\nApache access logs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:116", url: "https://access.redhat.com/errata/RHSA-2003:116", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030319.txt", url: "http://www.openssl.org/news/secadv_20030319.txt", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030317.txt", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_116.json", }, ], title: "Red Hat Security Advisory: apache, openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:00+00:00", generator: { date: "2024-11-21T22:43:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:116", initial_release_date: "2003-03-28T13:43:00+00:00", revision_history: [ { date: "2003-03-28T13:43:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-28T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
RHSA-2003:117
Vulnerability from csaf_redhat
Published
2003-04-15 13:13
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: openssl security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are
now available.
Details
Stronghold 3 contains a number of open source technologies including
OpenSSL. Two issues in OpenSSL have recently been discovered:
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols. It also implements a full-strength general
purpose cryptography library.
Researchers have discovered a timing attack on RSA keys. Applications
making use of OpenSSL are generally vulnerable to such an attack, unless
RSA blinding has been turned on. OpenSSL does not use RSA blinding by
default and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key. This could be done by determining factors using timing
differences on:
(1) The number of extra reductions during Montgomery reduction
(2) The use of different integer multiplication algorithms ("Karatsuba" and
normal)
In order for an attack to be successful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext. This is also known as the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against
Klima-Pokorny-Rosa attacks.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are\nnow available.", title: "Topic", }, { category: "general", text: "Stronghold 3 contains a number of open source technologies including\nOpenSSL. Two issues in OpenSSL have recently been discovered:\n\nOpenSSL is a commercial-grade, full-featured, and open source toolkit that\nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols. It also implements a full-strength general \npurpose cryptography library.\n\nResearchers have discovered a timing attack on RSA keys. Applications\nmaking use of OpenSSL are generally vulnerable to such an attack, unless\nRSA blinding has been turned on. OpenSSL does not use RSA blinding by\ndefault and most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key. This could be done by determining factors using timing\ndifferences on:\n\n(1) The number of extra reductions during Montgomery reduction\n\n(2) The use of different integer multiplication algorithms (\"Karatsuba\" and\nnormal)\n\nIn order for an attack to be successful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext. This is also known as the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against\nKlima-Pokorny-Rosa attacks.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:117", url: "https://access.redhat.com/errata/RHSA-2003:117", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_117.json", }, ], title: "Red Hat Security Advisory: openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:04+00:00", generator: { date: "2024-11-21T22:43:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:117", initial_release_date: "2003-04-15T13:13:00+00:00", revision_history: [ { date: "2003-04-15T13:13:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-25T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003:117
Vulnerability from csaf_redhat
Published
2003-04-15 13:13
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: openssl security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are
now available.
Details
Stronghold 3 contains a number of open source technologies including
OpenSSL. Two issues in OpenSSL have recently been discovered:
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols. It also implements a full-strength general
purpose cryptography library.
Researchers have discovered a timing attack on RSA keys. Applications
making use of OpenSSL are generally vulnerable to such an attack, unless
RSA blinding has been turned on. OpenSSL does not use RSA blinding by
default and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key. This could be done by determining factors using timing
differences on:
(1) The number of extra reductions during Montgomery reduction
(2) The use of different integer multiplication algorithms ("Karatsuba" and
normal)
In order for an attack to be successful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext. This is also known as the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against
Klima-Pokorny-Rosa attacks.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are\nnow available.", title: "Topic", }, { category: "general", text: "Stronghold 3 contains a number of open source technologies including\nOpenSSL. Two issues in OpenSSL have recently been discovered:\n\nOpenSSL is a commercial-grade, full-featured, and open source toolkit that\nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols. It also implements a full-strength general \npurpose cryptography library.\n\nResearchers have discovered a timing attack on RSA keys. Applications\nmaking use of OpenSSL are generally vulnerable to such an attack, unless\nRSA blinding has been turned on. OpenSSL does not use RSA blinding by\ndefault and most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key. This could be done by determining factors using timing\ndifferences on:\n\n(1) The number of extra reductions during Montgomery reduction\n\n(2) The use of different integer multiplication algorithms (\"Karatsuba\" and\nnormal)\n\nIn order for an attack to be successful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext. This is also known as the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against\nKlima-Pokorny-Rosa attacks.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:117", url: "https://access.redhat.com/errata/RHSA-2003:117", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_117.json", }, ], title: "Red Hat Security Advisory: openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:04+00:00", generator: { date: "2024-11-21T22:43:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:117", initial_release_date: "2003-04-15T13:13:00+00:00", revision_history: [ { date: "2003-04-15T13:13:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-25T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
RHSA-2003:102
Vulnerability from csaf_redhat
Published
2003-03-31 12:00
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
[Updated 30 May 2003]
Added missing i686 packages.
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols, and provides a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa
attack) uses a large number of SSL or TLS connections using PKCS #1 v1.5
padding to cause OpenSSL to leak information regarding the relationship
between ciphertext and the associated plaintext.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, and protects against the
Klima-Pokorny-Rosa attack.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or,
alternatively, reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.\n\n[Updated 30 May 2003]\nAdded missing i686 packages.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit that\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols, and provides a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding.\n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa\nattack) uses a large number of SSL or TLS connections using PKCS #1 v1.5\npadding to cause OpenSSL to leak information regarding the relationship\nbetween ciphertext and the associated plaintext.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, and protects against the\nKlima-Pokorny-Rosa attack.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or,\nalternatively, reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:102", url: "https://access.redhat.com/errata/RHSA-2003:102", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86206", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_102.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:42:57+00:00", generator: { date: "2024-11-21T22:42:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:102", initial_release_date: "2003-03-31T12:00:00+00:00", revision_history: [ { date: "2003-03-31T12:00:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-31T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_102
Vulnerability from csaf_redhat
Published
2003-03-31 12:00
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: openssl security update
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
[Updated 30 May 2003]
Added missing i686 packages.
Details
OpenSSL is a commercial-grade, full-featured, open source toolkit that
implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols, and provides a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa
attack) uses a large number of SSL or TLS connections using PKCS #1 v1.5
padding to cause OpenSSL to leak information regarding the relationship
between ciphertext and the associated plaintext.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, and protects against the
Klima-Pokorny-Rosa attack.
Because server applications are affected by these vulnerabilities, we
advise users to restart all services that use OpenSSL functionality or,
alternatively, reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.\n\n[Updated 30 May 2003]\nAdded missing i686 packages.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, open source toolkit that\nimplements the Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols, and provides a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding.\n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack (also known as the Klima-Pokorny-Rosa\nattack) uses a large number of SSL or TLS connections using PKCS #1 v1.5\npadding to cause OpenSSL to leak information regarding the relationship\nbetween ciphertext and the associated plaintext.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, and protects against the\nKlima-Pokorny-Rosa attack.\n\nBecause server applications are affected by these vulnerabilities, we\nadvise users to restart all services that use OpenSSL functionality or,\nalternatively, reboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:102", url: "https://access.redhat.com/errata/RHSA-2003:102", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86206", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86206", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_102.json", }, ], title: "Red Hat Security Advisory: openssl security update", tracking: { current_release_date: "2024-11-21T22:42:57+00:00", generator: { date: "2024-11-21T22:42:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:102", initial_release_date: "2003-03-31T12:00:00+00:00", revision_history: [ { date: "2003-03-31T12:00:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-31T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product: { name: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_id: "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::as", }, }, }, { category: "product_name", name: "Red Hat Linux Advanced Workstation 2.1", product: { name: "Red Hat Linux Advanced Workstation 2.1", product_id: "Red Hat Linux Advanced Workstation 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::aw", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ES version 2.1", product: { name: "Red Hat Enterprise Linux ES version 2.1", product_id: "Red Hat Enterprise Linux ES version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::es", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux WS version 2.1", product: { name: "Red Hat Enterprise Linux WS version 2.1", product_id: "Red Hat Enterprise Linux WS version 2.1", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:2.1::ws", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-31T12:00:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "Red Hat Enterprise Linux ES version 2.1", "Red Hat Enterprise Linux WS version 2.1", "Red Hat Linux Advanced Workstation 2.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:102", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_116
Vulnerability from csaf_redhat
Published
2003-03-28 13:43
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: apache, openssl security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold 4 are available to fix a
number of vulnerabilities in OpenSSL and Apache.
Details
Stronghold 4 contains various open source technologies such as OpenSSL and
Apache. A number of issues have been found in versions of these projects:
Researchers discovered a timing attack on RSA keys that affects OpenSSL.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
Stronghold does not enable RSA blinding by default and is, therefore,
vulnerable to this attack.
The SSL and TLS components for OpenSSL allow remote attackers to perform an
unauthorized RSA private key operation via a modified Bleichenbacher
attack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a
large number of SSL or TLS connections, using PKCS #1 v1.5 padding, and
causes OpenSSL to leak information regarding the relationship between
ciphertext and the associated plaintext.
Versions of Apache 1.3 before 1.3.25 do not filter terminal escape
sequences from access logs, which could make it easier for attackers to
insert those sequences into terminal emulators containing vulnerabilities
related to escape sequences.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, thereby protecting against the
Klima-Pokorny-Rosa attack, and a patch to filter escape sequences from
Apache access logs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold 4 are available to fix a\nnumber of vulnerabilities in OpenSSL and Apache.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains various open source technologies such as OpenSSL and\nApache. A number of issues have been found in versions of these projects:\n\nResearchers discovered a timing attack on RSA keys that affects OpenSSL. \nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\nStronghold does not enable RSA blinding by default and is, therefore,\nvulnerable to this attack.\n\nThe SSL and TLS components for OpenSSL allow remote attackers to perform an\nunauthorized RSA private key operation via a modified Bleichenbacher\nattack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a\nlarge number of SSL or TLS connections, using PKCS #1 v1.5 padding, and\ncauses OpenSSL to leak information regarding the relationship between\nciphertext and the associated plaintext.\n\nVersions of Apache 1.3 before 1.3.25 do not filter terminal escape\nsequences from access logs, which could make it easier for attackers to\ninsert those sequences into terminal emulators containing vulnerabilities\nrelated to escape sequences.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, thereby protecting against the\nKlima-Pokorny-Rosa attack, and a patch to filter escape sequences from\nApache access logs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:116", url: "https://access.redhat.com/errata/RHSA-2003:116", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030319.txt", url: "http://www.openssl.org/news/secadv_20030319.txt", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030317.txt", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_116.json", }, ], title: "Red Hat Security Advisory: apache, openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:00+00:00", generator: { date: "2024-11-21T22:43:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:116", initial_release_date: "2003-03-28T13:43:00+00:00", revision_history: [ { date: "2003-03-28T13:43:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-28T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003:205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
RHSA-2003:205
Vulnerability from csaf_redhat
Published
2003-06-23 17:37
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages that fix potential timing-based and modified
Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and
pSeries systems.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
In a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin
Vuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites
in SSL and TLS. An active attacker may be able to use timing observations
to distinguish between two different error cases: cipher padding errors and
MAC verification errors. Over multiple connections this can leak
sufficient information to make it possible to retrieve the plaintext of a
common, fixed block.
In order for an attack to be sucessful, an attacker must be able to act as
a man-in-the-middle to intercept and modify multiple connections, which all
involve a common fixed plaintext block (such as a password), and have good
network conditions that allow small changes in timing to be reliably
observed.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions allowing small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain patches provided by the OpenSSL group that
enable RSA blinding by default and protect against the other vulnerabilities.
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality, or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages that fix potential timing-based and modified\nBleichenbacher attacks are available for Red Hat Linux on IBM iSeries and\npSeries systems.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nIn a paper, Brice Canvel, Alain Hiltgen, Serge Vaudenay, and Martin\nVuagnoux describe and demonstrate a timing-based attack on CBC ciphersuites\nin SSL and TLS. An active attacker may be able to use timing observations\nto distinguish between two different error cases: cipher padding errors and\nMAC verification errors. Over multiple connections this can leak\nsufficient information to make it possible to retrieve the plaintext of a\ncommon, fixed block.\n\nIn order for an attack to be sucessful, an attacker must be able to act as\na man-in-the-middle to intercept and modify multiple connections, which all\ninvolve a common fixed plaintext block (such as a password), and have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions allowing small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain patches provided by the OpenSSL group that\nenable RSA blinding by default and protect against the other vulnerabilities.\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality, or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:205", url: "https://access.redhat.com/errata/RHSA-2003:205", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_205.json", }, ], title: "Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:43:08+00:00", generator: { date: "2024-11-21T22:43:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:205", initial_release_date: "2003-06-23T17:37:00+00:00", revision_history: [ { date: "2003-06-23T17:37:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-06-23T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0078", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616956", }, ], notes: [ { category: "description", text: "ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the \"Vaudenay timing attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0078", }, { category: "external", summary: "RHBZ#1616956", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616956", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0078", url: "https://www.cve.org/CVERecord?id=CVE-2003-0078", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0078", }, ], release_date: "2003-02-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 7.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-06-23T17:37:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 7.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:205", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_101
Vulnerability from csaf_redhat
Published
2003-04-01 15:50
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against the
"Klima-Pokorny-Rosa attack."
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against the\n\"Klima-Pokorny-Rosa attack.\"\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:101", url: "https://access.redhat.com/errata/RHSA-2003:101", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_101.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:42:53+00:00", generator: { date: "2024-11-21T22:42:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:101", initial_release_date: "2003-04-01T15:50:00+00:00", revision_history: [ { date: "2003-04-01T15:50:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-04-01T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, { category: "product_name", name: "Red Hat Linux 9", product: { name: "Red Hat Linux 9", product_id: "Red Hat Linux 9", product_identification_helper: { cpe: "cpe:/o:redhat:linux:9", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003_117
Vulnerability from csaf_redhat
Published
2003-04-15 13:13
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: openssl security update for Stronghold
Notes
Topic
Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are
now available.
Details
Stronghold 3 contains a number of open source technologies including
OpenSSL. Two issues in OpenSSL have recently been discovered:
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols. It also implements a full-strength general
purpose cryptography library.
Researchers have discovered a timing attack on RSA keys. Applications
making use of OpenSSL are generally vulnerable to such an attack, unless
RSA blinding has been turned on. OpenSSL does not use RSA blinding by
default and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key. This could be done by determining factors using timing
differences on:
(1) The number of extra reductions during Montgomery reduction
(2) The use of different integer multiplication algorithms ("Karatsuba" and
normal)
In order for an attack to be successful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext. This is also known as the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against
Klima-Pokorny-Rosa attacks.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of Stronghold 3.0 that fix two OpenSSL vulnerabilities are\nnow available.", title: "Topic", }, { category: "general", text: "Stronghold 3 contains a number of open source technologies including\nOpenSSL. Two issues in OpenSSL have recently been discovered:\n\nOpenSSL is a commercial-grade, full-featured, and open source toolkit that\nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols. It also implements a full-strength general \npurpose cryptography library.\n\nResearchers have discovered a timing attack on RSA keys. Applications\nmaking use of OpenSSL are generally vulnerable to such an attack, unless\nRSA blinding has been turned on. OpenSSL does not use RSA blinding by\ndefault and most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key. This could be done by determining factors using timing\ndifferences on:\n\n(1) The number of extra reductions during Montgomery reduction\n\n(2) The use of different integer multiplication algorithms (\"Karatsuba\" and\nnormal)\n\nIn order for an attack to be successful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext. This is also known as the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against\nKlima-Pokorny-Rosa attacks.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:117", url: "https://access.redhat.com/errata/RHSA-2003:117", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_117.json", }, ], title: "Red Hat Security Advisory: openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:04+00:00", generator: { date: "2024-11-21T22:43:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:117", initial_release_date: "2003-04-15T13:13:00+00:00", revision_history: [ { date: "2003-04-15T13:13:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-25T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 3", product: { name: "Red Hat Stronghold 3", product_id: "Red Hat Stronghold 3", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:3", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 3", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-15T13:13:00+00:00", details: "We have backported the security fixes for the versions of OpenSSL included\nin Stronghold 3. Stronghold 3.0 build code 3022 is now available, includes\nthese fixes, and can be downloaded from:\n\nhttp://stronghold.redhat.com/sh3/\n\nFor information on how to upgrade between releases of Stronghold 3.0, see:\n\nhttp://stronghold.redhat.com/support/upgrade-sh3.xml", product_ids: [ "Red Hat Stronghold 3", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:117", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003:116
Vulnerability from csaf_redhat
Published
2003-03-28 13:43
Modified
2024-11-21 22:43
Summary
Red Hat Security Advisory: apache, openssl security update for Stronghold
Notes
Topic
Updated versions of cross-platform Stronghold 4 are available to fix a
number of vulnerabilities in OpenSSL and Apache.
Details
Stronghold 4 contains various open source technologies such as OpenSSL and
Apache. A number of issues have been found in versions of these projects:
Researchers discovered a timing attack on RSA keys that affects OpenSSL.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction and (2) the use of
different integer multiplication algorithms (Karatsuba and normal).
Stronghold does not enable RSA blinding by default and is, therefore,
vulnerable to this attack.
The SSL and TLS components for OpenSSL allow remote attackers to perform an
unauthorized RSA private key operation via a modified Bleichenbacher
attack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a
large number of SSL or TLS connections, using PKCS #1 v1.5 padding, and
causes OpenSSL to leak information regarding the relationship between
ciphertext and the associated plaintext.
Versions of Apache 1.3 before 1.3.25 do not filter terminal escape
sequences from access logs, which could make it easier for attackers to
insert those sequences into terminal emulators containing vulnerabilities
related to escape sequences.
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default, thereby protecting against the
Klima-Pokorny-Rosa attack, and a patch to filter escape sequences from
Apache access logs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated versions of cross-platform Stronghold 4 are available to fix a\nnumber of vulnerabilities in OpenSSL and Apache.", title: "Topic", }, { category: "general", text: "Stronghold 4 contains various open source technologies such as OpenSSL and\nApache. A number of issues have been found in versions of these projects:\n\nResearchers discovered a timing attack on RSA keys that affects OpenSSL. \nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction and (2) the use of\ndifferent integer multiplication algorithms (Karatsuba and normal).\nStronghold does not enable RSA blinding by default and is, therefore,\nvulnerable to this attack.\n\nThe SSL and TLS components for OpenSSL allow remote attackers to perform an\nunauthorized RSA private key operation via a modified Bleichenbacher\nattack. This attack (also known as the Klima-Pokorny-Rosa attack) uses a\nlarge number of SSL or TLS connections, using PKCS #1 v1.5 padding, and\ncauses OpenSSL to leak information regarding the relationship between\nciphertext and the associated plaintext.\n\nVersions of Apache 1.3 before 1.3.25 do not filter terminal escape\nsequences from access logs, which could make it easier for attackers to\ninsert those sequences into terminal emulators containing vulnerabilities\nrelated to escape sequences.\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default, thereby protecting against the\nKlima-Pokorny-Rosa attack, and a patch to filter escape sequences from\nApache access logs.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:116", url: "https://access.redhat.com/errata/RHSA-2003:116", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030319.txt", url: "http://www.openssl.org/news/secadv_20030319.txt", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20030317.txt", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_116.json", }, ], title: "Red Hat Security Advisory: apache, openssl security update for Stronghold", tracking: { current_release_date: "2024-11-21T22:43:00+00:00", generator: { date: "2024-11-21T22:43:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:116", initial_release_date: "2003-03-28T13:43:00+00:00", revision_history: [ { date: "2003-03-28T13:43:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-03-28T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:43:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Stronghold 4", product: { name: "Red Hat Stronghold 4", product_id: "Red Hat Stronghold 4", product_identification_helper: { cpe: "cpe:/a:redhat:stronghold:4", }, }, }, ], category: "product_family", name: "Stronghold Cross Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0083", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616961", }, ], notes: [ { category: "description", text: "Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0083", }, { category: "external", summary: "RHBZ#1616961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0083", url: "https://www.cve.org/CVERecord?id=CVE-2003-0083", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0083", }, ], release_date: "2003-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], title: "security flaw", }, { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Stronghold 4", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-03-28T13:43:00+00:00", details: "Fixed Stronghold 4 packages are now available via the update agent service; run\n\n$ bin/agent\n\nfrom the Stronghold 4 install root to upgrade an existing Stronghold 4\ninstallation to the new package versions. After upgrading Stronghold, the\nserver must be completely restarted by running the following commands from\nthe install root:\n\n$ bin/stop-server\n$ bin/start-server\n\nFor more information on how to upgrade between releases of Stronghold 4,\nsee http://stronghold.redhat.com/support/upgrade-sh4", product_ids: [ "Red Hat Stronghold 4", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:116", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
RHSA-2003:101
Vulnerability from csaf_redhat
Published
2003-04-01 15:50
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against the
"Klima-Pokorny-Rosa attack."
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against the\n\"Klima-Pokorny-Rosa attack.\"\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:101", url: "https://access.redhat.com/errata/RHSA-2003:101", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_101.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:42:53+00:00", generator: { date: "2024-11-21T22:42:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:101", initial_release_date: "2003-04-01T15:50:00+00:00", revision_history: [ { date: "2003-04-01T15:50:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-04-01T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, { category: "product_name", name: "Red Hat Linux 9", product: { name: "Red Hat Linux 9", product_id: "Red Hat Linux 9", product_identification_helper: { cpe: "cpe:/o:redhat:linux:9", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
rhsa-2003:101
Vulnerability from csaf_redhat
Published
2003-04-01 15:50
Modified
2024-11-21 22:42
Summary
Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities
Notes
Topic
Updated OpenSSL packages are available that fix a potential timing-based
attack and a modified Bleichenbacher attack.
Details
OpenSSL is a commercial-grade, full-featured, and open source toolkit that
implements Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols as well as a full-strength general purpose
cryptography library.
Researchers discovered a timing attack on RSA keys. Applications making
use of OpenSSL are generally vulnerable to such an attack, unless RSA
blinding has been turned on. OpenSSL does not use RSA blinding by default
and most applications do not enable RSA blinding.
A local or remote attacker could use this attack to obtain the server's
private key by determining factors using timing differences on (1) the
number of extra reductions during Montgomery reduction, and (2) the use of
different integer multiplication algorithms ("Karatsuba" and normal).
In order for an attack to be sucessful, an attacker must have good
network conditions that allow small changes in timing to be reliably
observed.
Additionally, the SSL and TLS components for OpenSSL allow remote attackers
to perform an unauthorized RSA private key operation via a modified
Bleichenbacher attack. This attack uses a large number of SSL or TLS
connections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak
information regarding the relationship between ciphertext and the
associated plaintext, aka the "Klima-Pokorny-Rosa attack."
These erratum packages contain a patch provided by the OpenSSL group that
enables RSA blinding by default and protects against the
"Klima-Pokorny-Rosa attack."
Because server applications are affected by these vulnerabilities, users
are advised to restart all services that use OpenSSL functionality or
reboot their systems after installing these updates.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated OpenSSL packages are available that fix a potential timing-based\nattack and a modified Bleichenbacher attack.", title: "Topic", }, { category: "general", text: "OpenSSL is a commercial-grade, full-featured, and open source toolkit that \nimplements Secure Sockets Layer (SSL v2/v3) and Transport Layer\nSecurity (TLS v1) protocols as well as a full-strength general purpose\ncryptography library.\n\nResearchers discovered a timing attack on RSA keys. Applications making\nuse of OpenSSL are generally vulnerable to such an attack, unless RSA\nblinding has been turned on. OpenSSL does not use RSA blinding by default\nand most applications do not enable RSA blinding. \n\nA local or remote attacker could use this attack to obtain the server's\nprivate key by determining factors using timing differences on (1) the\nnumber of extra reductions during Montgomery reduction, and (2) the use of\ndifferent integer multiplication algorithms (\"Karatsuba\" and normal).\n\nIn order for an attack to be sucessful, an attacker must have good\nnetwork conditions that allow small changes in timing to be reliably\nobserved.\n\nAdditionally, the SSL and TLS components for OpenSSL allow remote attackers\nto perform an unauthorized RSA private key operation via a modified\nBleichenbacher attack. This attack uses a large number of SSL or TLS\nconnections, using PKCS #1 v1.5 padding, and causes OpenSSL to leak\ninformation regarding the relationship between ciphertext and the\nassociated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"\n\nThese erratum packages contain a patch provided by the OpenSSL group that\nenables RSA blinding by default and protects against the\n\"Klima-Pokorny-Rosa attack.\"\n\nBecause server applications are affected by these vulnerabilities, users\nare advised to restart all services that use OpenSSL functionality or\nreboot their systems after installing these updates.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2003:101", url: "https://access.redhat.com/errata/RHSA-2003:101", }, { category: "external", summary: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { category: "external", summary: "http://eprint.iacr.org/2003/052/", url: "http://eprint.iacr.org/2003/052/", }, { category: "external", summary: "86112", url: "https://bugzilla.redhat.com/show_bug.cgi?id=86112", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2003/rhsa-2003_101.json", }, ], title: "Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities", tracking: { current_release_date: "2024-11-21T22:42:53+00:00", generator: { date: "2024-11-21T22:42:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2003:101", initial_release_date: "2003-04-01T15:50:00+00:00", revision_history: [ { date: "2003-04-01T15:50:00+00:00", number: "1", summary: "Initial version", }, { date: "2003-04-01T00:00:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-21T22:42:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Linux 6.2", product: { name: "Red Hat Linux 6.2", product_id: "Red Hat Linux 6.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:6.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.0", product: { name: "Red Hat Linux 7.0", product_id: "Red Hat Linux 7.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.0", }, }, }, { category: "product_name", name: "Red Hat Linux 7.1", product: { name: "Red Hat Linux 7.1", product_id: "Red Hat Linux 7.1", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.1", }, }, }, { category: "product_name", name: "Red Hat Linux 7.2", product: { name: "Red Hat Linux 7.2", product_id: "Red Hat Linux 7.2", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.2", }, }, }, { category: "product_name", name: "Red Hat Linux 7.3", product: { name: "Red Hat Linux 7.3", product_id: "Red Hat Linux 7.3", product_identification_helper: { cpe: "cpe:/o:redhat:linux:7.3", }, }, }, { category: "product_name", name: "Red Hat Linux 8.0", product: { name: "Red Hat Linux 8.0", product_id: "Red Hat Linux 8.0", product_identification_helper: { cpe: "cpe:/o:redhat:linux:8.0", }, }, }, { category: "product_name", name: "Red Hat Linux 9", product: { name: "Red Hat Linux 9", product_id: "Red Hat Linux 9", product_identification_helper: { cpe: "cpe:/o:redhat:linux:9", }, }, }, ], category: "product_family", name: "Red Hat Linux", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2003-0131", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616975", }, ], notes: [ { category: "description", text: "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 4 and 5 are not vulnerable to this issue as they both contain a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0131", }, { category: "external", summary: "RHBZ#1616975", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616975", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0131", url: "https://www.cve.org/CVERecord?id=CVE-2003-0131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0131", }, ], release_date: "2003-03-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, { cve: "CVE-2003-0147", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1616986", }, ], notes: [ { category: "description", text: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", title: "Vulnerability description", }, { category: "summary", text: "security flaw", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", title: "Statement", }, ], product_status: { fixed: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2003-0147", }, { category: "external", summary: "RHBZ#1616986", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1616986", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2003-0147", url: "https://www.cve.org/CVERecord?id=CVE-2003-0147", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, ], release_date: "2003-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2003-04-01T15:50:00+00:00", details: "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", product_ids: [ "Red Hat Linux 6.2", "Red Hat Linux 7.0", "Red Hat Linux 7.1", "Red Hat Linux 7.2", "Red Hat Linux 7.3", "Red Hat Linux 8.0", "Red Hat Linux 9", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2003:101", }, ], threats: [ { category: "impact", details: "Important", }, ], title: "security flaw", }, ], }
gsd-2003-0147
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
Aliases
Aliases
{ GSD: { alias: "CVE-2003-0147", description: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", id: "GSD-2003-0147", references: [ "https://www.debian.org/security/2003/dsa-288", "https://access.redhat.com/errata/RHSA-2003:205", "https://access.redhat.com/errata/RHSA-2003:117", "https://access.redhat.com/errata/RHSA-2003:116", "https://access.redhat.com/errata/RHSA-2003:102", "https://access.redhat.com/errata/RHSA-2003:101", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2003-0147", ], details: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", id: "GSD-2003-0147", modified: "2023-12-13T01:22:13.446761Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "DSA-288", refsource: "DEBIAN", url: "http://www.debian.org/security/2003/dsa-288", }, { name: "RHSA-2003:101", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { name: "RHSA-2003:102", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { name: "http://www.openssl.org/news/secadv_20030317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { name: "GLSA-200303-15", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { name: "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "APPLE-SA-2003-03-24", refsource: "APPLE", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { name: "20030317 [ADVISORY] Timing Attack on OpenSSL", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { name: "CSSA-2003-014.0", refsource: "CALDERA", url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { name: "MDKSA-2003:035", refsource: "MANDRAKE", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { name: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", refsource: "MISC", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { name: "GLSA-200303-23", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { name: "oval:org.mitre.oval:def:466", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { name: "OpenPKG-SA-2003.019", refsource: "OPENPKG", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { name: "GLSA-200303-24", refsource: "GENTOO", url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { name: "IMNX-2003-7+-001-01", refsource: "IMMUNIX", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030327 Immunix Secured OS 7+ openssl update", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030501-01-I", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "20030313 Vulnerability in OpenSSL", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { name: "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { name: "CLA-2003:625", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { name: "VU#997481", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/997481", }, { name: "20030313 OpenSSL Private Key Disclosure", refsource: "VULNWATCH", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-0147", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], }, ], }, references: { reference_data: [ { name: "20030313 OpenSSL Private Key Disclosure", refsource: "VULNWATCH", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, { name: "VU#997481", refsource: "CERT-VN", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/997481", }, { name: "http://www.openssl.org/news/secadv_20030317.txt", refsource: "CONFIRM", tags: [], url: "http://www.openssl.org/news/secadv_20030317.txt", }, { name: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", refsource: "MISC", tags: [], url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { name: "DSA-288", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2003/dsa-288", }, { name: "MDKSA-2003:035", refsource: "MANDRAKE", tags: [], url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { name: "RHSA-2003:101", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { name: "RHSA-2003:102", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { name: "20030501-01-I", refsource: "SGI", tags: [], url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { name: "CLA-2003:625", refsource: "CONECTIVA", tags: [], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { name: "CSSA-2003-014.0", refsource: "CALDERA", tags: [], url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { name: "GLSA-200303-23", refsource: "GENTOO", tags: [], url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { name: "OpenPKG-SA-2003.019", refsource: "OPENPKG", tags: [], url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { name: "20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)", refsource: "BUGTRAQ", tags: [], url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { name: "20030317 [ADVISORY] Timing Attack on OpenSSL", refsource: "BUGTRAQ", tags: [], url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { name: "GLSA-200303-15", refsource: "GENTOO", tags: [], url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { name: "20030313 Vulnerability in OpenSSL", refsource: "BUGTRAQ", tags: [], url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { name: "GLSA-200303-24", refsource: "GENTOO", tags: [], url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { name: "oval:org.mitre.oval:def:466", refsource: "OVAL", tags: [], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { name: "IMNX-2003-7+-001-01", refsource: "IMMUNIX", tags: [], url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { name: "20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2018-10-19T15:29Z", publishedDate: "2003-03-31T05:00Z", }, }, }
ghsa-4q57-g9fh-w67x
Vulnerability from github
Published
2022-05-03 03:09
Modified
2022-05-03 03:09
Details
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
{ affected: [], aliases: [ "CVE-2003-0147", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2003-03-31T05:00:00Z", severity: "MODERATE", }, details: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", id: "GHSA-4q57-g9fh-w67x", modified: "2022-05-03T03:09:40Z", published: "2022-05-03T03:09:40Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2003-0147", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { type: "WEB", url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, { type: "WEB", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { type: "WEB", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { type: "WEB", url: "http://www.debian.org/security/2003/dsa-288", }, { type: "WEB", url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { type: "WEB", url: "http://www.kb.cert.org/vuls/id/997481", }, { type: "WEB", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { type: "WEB", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { type: "WEB", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { type: "WEB", url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, ], schema_version: "1.4.0", severity: [], }
fkie_cve-2003-0147
Vulnerability from fkie_nvd
Published
2003-03-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openpkg | openpkg | * | |
| openpkg | openpkg | 1.1 | |
| openpkg | openpkg | 1.2 | |
| openssl | openssl | 0.9.6 | |
| openssl | openssl | 0.9.6a | |
| openssl | openssl | 0.9.6b | |
| openssl | openssl | 0.9.6c | |
| openssl | openssl | 0.9.6d | |
| openssl | openssl | 0.9.6e | |
| openssl | openssl | 0.9.6g | |
| openssl | openssl | 0.9.6h | |
| openssl | openssl | 0.9.6i | |
| openssl | openssl | 0.9.7 | |
| openssl | openssl | 0.9.7a | |
| stunnel | stunnel | 3.7 | |
| stunnel | stunnel | 3.8 | |
| stunnel | stunnel | 3.9 | |
| stunnel | stunnel | 3.10 | |
| stunnel | stunnel | 3.11 | |
| stunnel | stunnel | 3.12 | |
| stunnel | stunnel | 3.13 | |
| stunnel | stunnel | 3.14 | |
| stunnel | stunnel | 3.15 | |
| stunnel | stunnel | 3.16 | |
| stunnel | stunnel | 3.17 | |
| stunnel | stunnel | 3.18 | |
| stunnel | stunnel | 3.19 | |
| stunnel | stunnel | 3.20 | |
| stunnel | stunnel | 3.21 | |
| stunnel | stunnel | 3.22 | |
| stunnel | stunnel | 4.0 | |
| stunnel | stunnel | 4.01 | |
| stunnel | stunnel | 4.02 | |
| stunnel | stunnel | 4.03 | |
| stunnel | stunnel | 4.04 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", matchCriteriaId: "F74941A0-97CA-44D4-B55B-9224F051D40F", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*", matchCriteriaId: "85CCF640-211C-4EC0-9F41-68F5B39CA3F7", vulnerable: true, }, { criteria: "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*", matchCriteriaId: "B6ADD463-E918-4F4D-9FA7-D109EBC98BD8", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", matchCriteriaId: "B5E4742C-A983-4F00-B24F-AB280C0E876D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", matchCriteriaId: "8A0628DF-3A4C-4078-B615-22260671EABF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", matchCriteriaId: "962FCB86-15AD-4399-8B7D-EC1DEA919C59", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", matchCriteriaId: "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", matchCriteriaId: "400FE849-D547-44DE-B06F-5B68E5B20E07", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", matchCriteriaId: "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", matchCriteriaId: "B256301B-9C6A-4BA6-8318-675C0EF4C316", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", matchCriteriaId: "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", matchCriteriaId: "1FCDC66D-3BF5-4763-8877-38B0D3326E62", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", matchCriteriaId: "75772E28-BD93-4981-96FA-CDF41DAF65AF", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", matchCriteriaId: "2415230E-4F66-4DDE-9E34-F685E8F4085A", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", matchCriteriaId: "5121749D-3E19-4A9B-8C2D-84420A4E289B", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", matchCriteriaId: "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", matchCriteriaId: "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", matchCriteriaId: "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", matchCriteriaId: "B5D49F98-9A24-464A-8695-58218C14B3DC", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", matchCriteriaId: "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", matchCriteriaId: "6132108C-C344-4ABC-AF40-1925830A6723", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", matchCriteriaId: "F16BDA03-BFAB-4839-A83A-370865928225", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6FC396CE-FDA7-480C-9E94-1A26B7FB208E", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*", matchCriteriaId: "C7B30722-13DD-41C5-9CFA-0719B351CF46", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*", matchCriteriaId: "722BA04D-BA9B-427C-B129-06EFEC3F2859", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*", matchCriteriaId: "2891FF7D-E62E-47F4-8873-1E4066247348", vulnerable: true, }, { criteria: "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*", matchCriteriaId: "6A129110-60C1-46FC-9817-6E3802ADB389", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal).", }, ], id: "CVE-2003-0147", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-03-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, { source: "cve@mitre.org", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2003/dsa-288", }, { source: "cve@mitre.org", url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/997481", }, { source: "cve@mitre.org", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { source: "cve@mitre.org", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { source: "cve@mitre.org", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2003/dsa-288", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/997481", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openssl.org/news/secadv_20030317.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-101.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2003-102.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-200303-0010
Vulnerability from variot
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal). Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency. OpenSSL so RSA Is used for the encryption algorithm, RSA There is a vulnerability that is subject to timing attacks that can analyze the private key by measuring and analyzing the processing time when generating the private key in the format.The server's private key may be obtained. A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200303-0010", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "4.04", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "4.03", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "4.02", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "4.01", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "3.22", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "3.21", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "3.19", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "3.18", }, { model: "stunnel", scope: "eq", trust: 1.9, vendor: "stunnel", version: "3.20", }, { model: "stunnel", scope: "eq", trust: 1.6, vendor: "stunnel", version: "4.0", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.17", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.16", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.15", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.14", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.13", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.12", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.11", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.9", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.8", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.7", }, { model: "stunnel", scope: "eq", trust: 1.3, vendor: "stunnel", version: "3.10", }, { model: "openpkg", scope: "eq", trust: 1.3, vendor: "openpkg", version: "1.2", }, { model: "openpkg", scope: "eq", trust: 1.3, vendor: "openpkg", version: "1.1", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6h", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.7", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6", }, { model: "openpkg", scope: "eq", trust: 1, vendor: "openpkg", version: "*", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6a", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6g", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6i", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6e", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6b", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.7a", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6c", }, { model: "openssl", scope: "eq", trust: 1, vendor: "openssl", version: "0.9.6d", }, { model: null, scope: null, trust: 0.8, vendor: "apple computer", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "conectiva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "covalent", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "crypto", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "f5", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "foundry", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "fressh", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gnu libgcrypt", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gnu tls", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "gentoo linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "guardian digital", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hitachi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "intoto", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mandrakesoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "netbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openpkg", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openssh", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openssl", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sgi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ssh security", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "slackware", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sorceror linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "stonesoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "stunnel", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "the sco group", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "trustix secure linux", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "vandyke", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "wirex", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cryptlib", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "esoft", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mod ssl", version: null, }, { model: "http server", scope: "lte", trust: 0.8, vendor: "apache", version: "2.0.44", }, { model: "openssh", scope: "lte", trust: 0.8, vendor: "openbsd", version: "3.5", }, { model: "openssl", scope: "lte", trust: 0.8, vendor: "openssl", version: "0.9.6j", }, { model: "openssl", scope: "lte", trust: 0.8, vendor: "openssl", version: "0.9.7b", }, { model: "application server", scope: "eq", trust: 0.8, vendor: "oracle", version: "1.0.2.2", }, { model: "application server", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.0.2", }, { model: "application server", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.0.3", }, { model: "database", scope: "eq", trust: 0.8, vendor: "oracle", version: "8.1.7.4", }, { model: "database", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.0.1.4", }, { model: "database", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.2.0.2", }, { model: "database", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.2.0.3", }, { model: "database", scope: "eq", trust: 0.8, vendor: "oracle", version: "9.2.0.4", }, { model: "cobalt raq4", scope: null, trust: 0.8, vendor: "sun microsystems", version: null, }, { model: "cobalt raq550", scope: null, trust: 0.8, vendor: "sun microsystems", version: null, }, { model: "cobalt raqxtr", scope: null, trust: 0.8, vendor: "sun microsystems", version: null, }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "9 (x86)", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "6.5", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "7", }, { model: "turbolinux server", scope: "eq", trust: 0.8, vendor: "turbo linux", version: "8", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.00", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.11", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.20", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.22", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "11.23", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "6.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.0", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.1", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.3", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "8.0", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "9", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "4.0.4", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "4.0.3", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "4.0.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "4.0.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.8", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.7", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.6", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.5", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.4", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.3", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.4", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.3.4", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.3.3", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.3.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.3.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.3", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.2.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.2.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.1.2", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.1.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.1", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "3.0", }, { model: "securecrt", scope: "eq", trust: 0.3, vendor: "vandyke", version: "2.4", }, { model: "cobalt raq xtr", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "cobalt raq", scope: "eq", trust: 0.3, vendor: "sun", version: "550", }, { model: "cobalt raq", scope: "eq", trust: 0.3, vendor: "sun", version: "4", }, { model: "cobalt qube", scope: "eq", trust: 0.3, vendor: "sun", version: "3", }, { model: "stunnel", scope: "eq", trust: 0.3, vendor: "stunnel", version: "4.00", }, { model: "communications security ipsec express toolkit", scope: null, trust: 0.3, vendor: "ssh", version: null, }, { model: "communications security certificate/tls toolkit", scope: null, trust: 0.3, vendor: "ssh", version: null, }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.19", }, { model: "mgetty-sendfax-1.1.14-8.i386.rpm", scope: "eq", trust: 0.3, vendor: "redhat", version: "2.2", }, { model: "oracle9i standard edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.2", }, { model: "oracle9i standard edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.1", }, { model: "oracle9i standard edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.1.7", }, { model: "oracle9i personal edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.2", }, { model: "oracle9i personal edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.1", }, { model: "oracle9i personal edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.1.7", }, { model: "oracle9i enterprise edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.2.0", }, { model: "oracle9i enterprise edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.1", }, { model: "oracle9i enterprise edition", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.1.7", }, { model: "oracle9i application server", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.3", }, { model: "oracle9i application server", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.2", }, { model: "oracle9i application server", scope: "eq", trust: 0.3, vendor: "oracle", version: "1.0.2.2", }, { model: "oracle9i application server .1s", scope: "eq", trust: 0.3, vendor: "oracle", version: "1.0.2", }, { model: "http server", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.2.0", }, { model: "http server", scope: "eq", trust: 0.3, vendor: "oracle", version: "9.0.1", }, { model: "http server", scope: "eq", trust: 0.3, vendor: "oracle", version: "8.1.7", }, { model: "project openssl a", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.7", }, { model: "project openssl", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.7", }, { model: "project openssl i", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl h", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl g", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl e", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl d", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl c", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl b", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl a", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "project openssl", scope: "eq", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "current", scope: null, trust: 0.3, vendor: "openpkg", version: null, }, { model: "mod ssl", scope: "eq", trust: 0.3, vendor: "mod ssl", version: "2.8.14", }, { model: "igateway", scope: "eq", trust: 0.3, vendor: "intoto", version: "3.2", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "11.22", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "11.11", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "11.0", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.5", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.4", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.3", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.2", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.1", }, { model: "transport layer security library", scope: "eq", trust: 0.3, vendor: "gnu", version: "0.8.0", }, { model: "libgcrypt", scope: "eq", trust: 0.3, vendor: "gnu", version: "1.1.12", }, { model: "libgcrypt", scope: "eq", trust: 0.3, vendor: "gnu", version: "1.1.11", }, { model: "libgcrypt", scope: "eq", trust: 0.3, vendor: "gnu", version: "1.1.10", }, { model: "libgcrypt", scope: "eq", trust: 0.3, vendor: "gnu", version: "1.1.9", }, { model: "libgcrypt", scope: "eq", trust: 0.3, vendor: "gnu", version: "1.1.8", }, { model: "networks ironview", scope: null, trust: 0.3, vendor: "foundry", version: null, }, { model: "big-ip blade controller ptf-01", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.4", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.3", }, { model: "big-ip", scope: "eq", trust: 0.3, vendor: "f5", version: "4.2", }, { model: "3-dns", scope: "eq", trust: 0.3, vendor: "f5", version: "4.5", }, { model: "crypto++ library", scope: "eq", trust: 0.3, vendor: "crypto", version: "5.0", }, { model: "crypto++ library", scope: "eq", trust: 0.3, vendor: "crypto", version: "4.2", }, { model: "fast start server", scope: "eq", trust: 0.3, vendor: "covalent", version: "3.3", }, { model: "fast start server", scope: "eq", trust: 0.3, vendor: "covalent", version: "3.2", }, { model: "fast start server", scope: "eq", trust: 0.3, vendor: "covalent", version: "3.1", }, { model: "enterprise ready server", scope: "eq", trust: 0.3, vendor: "covalent", version: "2.3", }, { model: "enterprise ready server", scope: "eq", trust: 0.3, vendor: "covalent", version: "2.2", }, { model: "enterprise ready server", scope: "eq", trust: 0.3, vendor: "covalent", version: "2.1", }, { model: "associates etrust security command center", scope: "eq", trust: 0.3, vendor: "computer", version: "1.0", }, { model: "tru64 b", scope: "eq", trust: 0.3, vendor: "compaq", version: "5.1", }, { model: "tru64 a", scope: "eq", trust: 0.3, vendor: "compaq", version: "5.1", }, { model: "tru64", scope: "eq", trust: 0.3, vendor: "compaq", version: "5.1", }, { model: "tru64 a", scope: "eq", trust: 0.3, vendor: "compaq", version: "5.0", }, { model: "tru64 g", scope: "eq", trust: 0.3, vendor: "compaq", version: "4.0", }, { model: "tru64 f", scope: "eq", trust: 0.3, vendor: "compaq", version: "4.0", }, { model: "openvms vax", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.3", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.3", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2.1", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2-2", }, { model: "openvms -1h2 alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2", }, { model: "openvms -1h1 alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2", }, { model: "openvms vax", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.2", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.1-2", }, { model: "openvms vax", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.1", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "7.1", }, { model: "openvms vax", scope: "eq", trust: 0.3, vendor: "compaq", version: "6.2", }, { model: "openvms alpha", scope: "eq", trust: 0.3, vendor: "compaq", version: "6.2", }, { model: "openvms", scope: "eq", trust: 0.3, vendor: "compaq", version: "6.2", }, { model: "securecrt", scope: "ne", trust: 0.3, vendor: "vandyke", version: "4.0.5", }, { model: "project openssl b", scope: "ne", trust: 0.3, vendor: "openssl", version: "0.9.7", }, { model: "project openssl j", scope: "ne", trust: 0.3, vendor: "openssl", version: "0.9.6", }, { model: "openssh", scope: "ne", trust: 0.3, vendor: "openssh", version: "3.6.1", }, { model: "hp-ux apache-based web server", scope: "ne", trust: 0.3, vendor: "hp", version: "1.0.07.01", }, { model: "crypto++ library", scope: "ne", trust: 0.3, vendor: "crypto", version: "5.1", }, ], sources: [ { db: "CERT/CC", id: "VU#997481", }, { db: "BID", id: "7101", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "CNNVD", id: "CNNVD-200303-116", }, { db: "NVD", id: "CVE-2003-0147", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:apache:http_server", vulnerable: true, }, { cpe22Uri: "cpe:/a:openbsd:openssh", vulnerable: true, }, { cpe22Uri: "cpe:/a:openssl:openssl", vulnerable: true, }, { cpe22Uri: "cpe:/a:oracle:application_server", vulnerable: true, }, { cpe22Uri: "cpe:/a:oracle:database_server", vulnerable: true, }, { cpe22Uri: "cpe:/h:sun:sun_cobalt_raq_4", vulnerable: true, }, { cpe22Uri: "cpe:/h:sun:sun_cobalt_raq_550", vulnerable: true, }, { cpe22Uri: "cpe:/h:sun:sun_cobalt_raq_xtr", vulnerable: true, }, { cpe22Uri: "cpe:/o:sun:solaris", vulnerable: true, }, { cpe22Uri: "cpe:/o:turbolinux:turbolinux_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:hp:hp-ux", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:linux", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2003-000098", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "David Brumley and Dan Boneh.", sources: [ { db: "CNNVD", id: "CNNVD-200303-116", }, ], trust: 0.6, }, cve: "CVE-2003-0147", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2003-0147", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2003-0147", trust: 1, value: "MEDIUM", }, { author: "CARNEGIE MELLON", id: "VU#997481", trust: 0.8, value: "9.42", }, { author: "NVD", id: "CVE-2003-0147", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-200303-116", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#997481", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "CNNVD", id: "CNNVD-200303-116", }, { db: "NVD", id: "CVE-2003-0147", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal). Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency. OpenSSL so RSA Is used for the encryption algorithm, RSA There is a vulnerability that is subject to timing attacks that can analyze the private key by measuring and analyzing the processing time when generating the private key in the format.The server's private key may be obtained. A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation", sources: [ { db: "NVD", id: "CVE-2003-0147", }, { db: "CERT/CC", id: "VU#997481", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "BID", id: "7101", }, ], trust: 2.61, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2003-0147", trust: 2.7, }, { db: "CERT/CC", id: "VU#997481", trust: 1.8, }, { db: "BID", id: "7101", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2003-000098", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200303-116", trust: 0.6, }, ], sources: [ { db: "CERT/CC", id: "VU#997481", }, { db: "BID", id: "7101", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "CNNVD", id: "CNNVD-200303-116", }, { db: "NVD", id: "CVE-2003-0147", }, ], }, id: "VAR-200303-0010", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4615448, }, last_update_date: "2024-11-22T22:58:35.946000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.apache.org/", }, { title: "HPSBUX00280", trust: 0.8, url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00954663", }, { title: "HPSBUX0304-255", trust: 0.8, url: "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0304-255", }, { title: "HPSBUX0309-280", trust: 0.8, url: "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX0309-280.html", }, { title: "HPSBUX0304-255", trust: 0.8, url: "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX0304-255.html", }, { title: "secadv_20030317", trust: 0.8, url: "http://www.openssl.org/news/secadv_20030317.txt", }, { title: "RHSA-2003:205", trust: 0.8, url: "http://rhn.redhat.com/errata/RHSA-2003-205.html", }, { title: "RHSA-2003:102", trust: 0.8, url: "http://rhn.redhat.com/errata/RHSA-2003-102.html", }, { title: "RHSA-2003:101", trust: 0.8, url: "https://rhn.redhat.com/errata/RHSA-2003-101.html", }, { title: "56380", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56380-1", }, { title: "56380", trust: 0.8, url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56380-3", }, { title: "4 Apache & SSL Security 2.0.1", trust: 0.8, url: "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng&nav=patchpage", }, { title: "XTR Apache & SSL Security 1.0.1", trust: 0.8, url: "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng&nav=patchpage", }, { title: "550 Apache & SSL Security 0.0.1", trust: 0.8, url: "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng&nav=patchpage", }, { title: "TLSA-2003-22", trust: 0.8, url: "http://www.turbolinux.com/security/2003/TLSA-2003-22.txt", }, { title: "#62", trust: 0.8, url: "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf", }, { title: "RHSA-2003:205", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-205J.html", }, { title: "RHSA-2003:102", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-102J.html", }, { title: "RHSA-2003:101", trust: 0.8, url: "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-101J.html", }, { title: "TLSA-2003-22", trust: 0.8, url: "http://www.turbolinux.co.jp/security/2003/TLSA-2003-22j.txt", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2003-000098", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2003-0147", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 4, url: "http://www.securityfocus.com/archive/1/316165/30/25370/threaded", }, { trust: 4, url: "http://www.securityfocus.com/archive/1/316577/30/25310/threaded", }, { trust: 2.8, url: "http://www.openssl.org/news/secadv_20030317.txt", }, { trust: 2, url: "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-014.0.txt", }, { trust: 2, url: "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-i", }, { trust: 2, url: "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html", }, { trust: 2, url: "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf", }, { trust: 2, url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625", }, { trust: 2, url: "http://marc.info/?l=bugtraq&m=104766550528628&w=2", }, { trust: 2, url: "http://marc.info/?l=bugtraq&m=104792570615648&w=2", }, { trust: 2, url: "http://marc.info/?l=bugtraq&m=104819602408063&w=2", }, { trust: 2, url: "http://marc.info/?l=bugtraq&m=104829040921835&w=2", }, { trust: 2, url: "http://marc.info/?l=bugtraq&m=104861762028637&w=2", }, { trust: 2, url: "http://www.debian.org/security/2003/dsa-288", }, { trust: 2, url: "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml", }, { trust: 2, url: "http://www.kb.cert.org/vuls/id/997481", }, { trust: 2, url: "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:035", }, { trust: 2, url: "http://www.openpkg.com/security/advisories/openpkg-sa-2003.019.html", }, { trust: 2, url: "http://www.redhat.com/support/errata/rhsa-2003-101.html", }, { trust: 2, url: "http://www.redhat.com/support/errata/rhsa-2003-102.html", }, { trust: 2, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a466", }, { trust: 1.1, url: "http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html", }, { trust: 0.8, url: "http://ietf.org/rfc/rfc2246.txt", }, { trust: 0.8, url: "http://wp.netscape.com/eng/ssl3/draft302.txt", }, { trust: 0.8, url: "http://www.cryptography.com/resources/whitepapers/timingattacks.pdf", }, { trust: 0.8, url: "http://www.bell-labs.com/user/bleichen/papers/chosen.ps", }, { trust: 0.8, url: "ftp://ftp.rsasecurity.com/pub/pdfs/bull-2.pdf", }, { trust: 0.8, url: "ftp://ftp.rsasecurity.com/pub/pdfs/bulletn5.pdf", }, { trust: 0.8, url: "http://link.springer.de/link/service/series/0558/papers/1070/10700001.pdf", }, { trust: 0.8, url: "http://islab.oregonstate.edu/documents/people/blaze/quantize.shar", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0147", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0147", }, { trust: 0.8, url: "http://www.securiteam.com/unixfocus/5fp0c209fe.html", }, { trust: 0.8, url: "http://www.securityfocus.com/bid/7101", }, { trust: 0.3, url: "http://www.info.apple.com/usen/security/security_updates.html", }, { trust: 0.3, url: "http://www.eskimo.com/~weidai/cryptlib.html", }, { trust: 0.3, url: "http://www.openbsd.org/errata31.html#kadmin", }, { trust: 0.3, url: "http://www.openbsd.org/errata32.html", }, { trust: 0.3, url: "http://www.oracle.com/ip/deploy/ias/index.html", }, { trust: 0.3, url: "http://metalink.oracle.com", }, { trust: 0.3, url: "http://www.covalent.net/support/rotate.php?page=109", }, { trust: 0.3, url: "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf", }, { trust: 0.3, url: "/archive/1/315884", }, { trust: 0.3, url: "/archive/1/315904", }, { trust: 0.3, url: "/archive/1/315292", }, { trust: 0.3, url: "/archive/1/315069", }, ], sources: [ { db: "CERT/CC", id: "VU#997481", }, { db: "BID", id: "7101", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "NVD", id: "CVE-2003-0147", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#997481", }, { db: "BID", id: "7101", }, { db: "JVNDB", id: "JVNDB-2003-000098", }, { db: "CNNVD", id: "CNNVD-200303-116", }, { db: "NVD", id: "CVE-2003-0147", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2003-03-25T00:00:00", db: "CERT/CC", id: "VU#997481", }, { date: "2003-03-14T00:00:00", db: "BID", id: "7101", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2003-000098", }, { date: "2003-03-31T00:00:00", db: "CNNVD", id: "CNNVD-200303-116", }, { date: "2003-03-31T05:00:00", db: "NVD", id: "CVE-2003-0147", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2004-08-25T00:00:00", db: "CERT/CC", id: "VU#997481", }, { date: "2009-07-11T21:06:00", db: "BID", id: "7101", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2003-000098", }, { date: "2005-10-20T00:00:00", db: "CNNVD", id: "CNNVD-200303-116", }, { date: "2024-11-20T23:44:05.270000", db: "NVD", id: "CVE-2003-0147", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-200303-116", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability", sources: [ { db: "BID", id: "7101", }, { db: "CNNVD", id: "CNNVD-200303-116", }, ], trust: 0.9, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Configuration Error", sources: [ { db: "BID", id: "7101", }, { db: "CNNVD", id: "CNNVD-200303-116", }, ], trust: 0.9, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.