The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.23158}

epss

{'score': 0.16267}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-03-21T05:00:00

Updated: 2024-08-08T01:43:35.728Z

Reserved: 2003-03-13T00:00:00

Link: CVE-2003-0131

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2003-03-24T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2003-0131

cve-icon Redhat

Severity : Important

Publid Date: 2003-03-19T00:00:00Z

Links: CVE-2003-0131 - Bugzilla