CVE-2003-0147
Published Mar 31, 2003
Last updated 6 years ago
Overview
- Description
- OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Vendor comments
- Red HatRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F"
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85CCF640-211C-4EC0-9F41-68F5B39CA3F7"
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6ADD463-E918-4F4D-9FA7-D109EBC98BD8"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C"
},
{
"criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348"
},
{
"criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389"
}
],
"operator": "OR"
}
]
}
]