OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-03-18T05:00:00
Updated: 2024-08-08T01:43:35.976Z
Reserved: 2003-03-14T00:00:00
Link: CVE-2003-0147
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-03-31T05:00:00.000
Modified: 2024-11-20T23:44:05.270
Link: CVE-2003-0147
Redhat