CVE - CVE - 2003 - 0147

CVE-ID
cve - 2003 - 0147	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
OpenSSL不使用RSA致盲默认情况下,它允许本地和远程攻击者获得服务器的私钥通过确定因素(1)上使用时间差异减少额外的削减在蒙哥马利的数量,和(2)使用不同的整数乘法算法(“Karatsuba”和正常)。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
苹果:苹果- sa - 2003 - 03 - 24 URL: http://www.securityfocus.com/archive/1/316165/30/25370/threaded BUGTRAQ: 20030313在OpenSSL脆弱性 URL: http://marc.info/?l=bugtraq&m=104766550528628&w=2 BUGTRAQ: 20030317(咨询)对OpenSSL时机攻击 URL: http://marc.info/?l=bugtraq&m=104792570615648&w=2 BUGTRAQ: 20030320 [OpenPKG - sa - 2003.026] OpenPKG安全顾问(openssl) URL: http://marc.info/?l=bugtraq&m=104819602408063&w=2 BUGTRAQ: 20030325 Fwd:苹果- sa - 2003 - 03 - 24 Samba, OpenSSL URL: http://www.securityfocus.com/archive/1/316165/30/25370/threaded BUGTRAQ: 20030327 Immunix安全操作系统7 + openssl更新 URL: http://www.securityfocus.com/archive/1/316577/30/25310/threaded 火山:综援- 2003 014.0 URL: ftp://ftp.sco.com/pub/security/openlinux/cssa - 2003 014.0.txt CERT-VN: VU # 997481 URL: http://www.kb.cert.org/vuls/id/997481 CONECTIVA: CLA-2003:625 URL:~~http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000625~~(过时的源-检查机器Wayback存档) 确认:http://www.openssl.org/news/万博下载包secadv_20030317.txt DEBIAN: dsa - 288 URL: http://www.debian.org/security/2003/dsa - 288 ENGARDE: esa - 20030320 - 010 FREEBSD: FreeBSD-SA-03:06 GENTOO: glsa - 200303 - 15所示 URL: http://marc.info/?l=bugtraq&m=104829040921835&w=2 GENTOO: glsa - 200303 - 23所示 URL: http://www.gentoo.org/security/en/glsa/glsa - 200303 - 23. - xml GENTOO: glsa - 200303 - 24 URL: http://marc.info/?l=bugtraq&m=104861762028637&w=2 IMMUNIX: imnx - 2003 - 7 + 001 - 01 URL: http://www.securityfocus.com/archive/1/316577/30/25310/threaded 曼德拉草:MDKSA-2003:035 URL: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:035 MISC: http://crypto.stanford.edu/ ~达博/论文/ ssl-timing.pdf OPENPKG: OPENPKG - sa - 2003.019 URL: http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.html 椭圆形椭圆形:org.mitre.oval: def: 466 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466 红帽:RHSA-2003:101 URL: http://www.redhat.com/support/errata/rhsa - 2003 - 101. - html 红帽:RHSA-2003:102 URL: http://www.redhat.com/support/errata/rhsa - 2003 - 102. - html 红帽:RHSA-2003:205 SGI: 20030501 - 01 - i URL: ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I VULNWATCH: 20030313 OpenSSL私钥信息披露 URL: http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html
分配中央社
主教法冠公司
创建日期记录
20030314	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
修改(20071129)
票(遗留)
接受(4)贝克,科尔,绿色墙修改(1)考克斯等待(1)Christey
评论(遗留)
Christey > ENGARDE: esa - 20030320 - 010 BUGTRAQ: 20030320 [OpenPKG - sa - 2003.026] OpenPKG安全顾问(openssl)的URL: http://marc.theaimsgroup.com/?l = bugtraq&m = 104819602408063易名= 2 Christey > FREEBSD: FreeBSD-SA-03:06。openssl考克斯> Addref: http://www.openssl.org/万博下载包news/secadv_20030317.txt Christey >曼德拉草:MDKSA-2003:035 URL: http://www.mandrakesecure.net/en/advisories/advisory.php?name = MDKSA-2003:035 Christey > BUGTRAQ: 20030325 GLSA: stunnel(200303 - 24)的URL: http://marc.theaimsgroup.com/?l = bugtraq&m = 104861762028637易名= 2需要改变desc包括考克斯stunnel > REDHAT: RHSA-2003:102 URL: http://www.redhat.com/support/errata/rhsa - 2003 - 102. -考克斯html > REDHAT: RHSA-2003:101 URL: http://www.redhat.com/support/errata/rhsa - 2003 - 101. - html Christey > CONECTIVA: CLA-2003:625 URL: http://distro.conectiva.com.br/atualizacoes/?id = a&anuncio = 000625 Christey > DEBIAN: dsa - 288 URL: http://www.debian.org/security/2003/dsa - 288 Christey >曼德拉草:MDKSA-2003:035 (Vincent Danen所显示的曼德拉草)Christey > SGI: 20030501 - 01 -我URL: ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I Christey > REDHAT: RHSA-2003:205 Christey > CERT-VN: VU # 997481的URL: http://www.kb.cert.org/vuls/id/997481
提出(遗留)
20030317
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2003 - 0147