CVE-2003-0147
 
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-03-14 CVE Reserved
- 2003-03-18 CVE Published
- 2024-07-26 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (23)
URL | Tag | Source |
---|---|---|
http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf | X_refsource_misc | |
http://marc.info/?l=bugtraq&m=104766550528628&w=2 | Mailing List | |
http://marc.info/?l=bugtraq&m=104792570615648&w=2 | Mailing List | |
http://marc.info/?l=bugtraq&m=104819602408063&w=2 | Mailing List | |
http://www.kb.cert.org/vuls/id/997481 | Third Party Advisory | |
http://www.openssl.org/news/secadv_20030317.txt | X_refsource_confirm | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466 | Signature |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openpkg Search vendor "Openpkg" | Openpkg Search vendor "Openpkg" for product "Openpkg" | * | - |
Affected
| ||||||
Openpkg Search vendor "Openpkg" | Openpkg Search vendor "Openpkg" for product "Openpkg" | 1.1 Search vendor "Openpkg" for product "Openpkg" and version "1.1" | - |
Affected
| ||||||
Openpkg Search vendor "Openpkg" | Openpkg Search vendor "Openpkg" for product "Openpkg" | 1.2 Search vendor "Openpkg" for product "Openpkg" and version "1.2" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6 Search vendor "Openssl" for product "Openssl" and version "0.9.6" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6a Search vendor "Openssl" for product "Openssl" and version "0.9.6a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6b Search vendor "Openssl" for product "Openssl" and version "0.9.6b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6c Search vendor "Openssl" for product "Openssl" and version "0.9.6c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6d Search vendor "Openssl" for product "Openssl" and version "0.9.6d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6e Search vendor "Openssl" for product "Openssl" and version "0.9.6e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6g Search vendor "Openssl" for product "Openssl" and version "0.9.6g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6h Search vendor "Openssl" for product "Openssl" and version "0.9.6h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6i Search vendor "Openssl" for product "Openssl" and version "0.9.6i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7a Search vendor "Openssl" for product "Openssl" and version "0.9.7a" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.7 Search vendor "Stunnel" for product "Stunnel" and version "3.7" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.8 Search vendor "Stunnel" for product "Stunnel" and version "3.8" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.9 Search vendor "Stunnel" for product "Stunnel" and version "3.9" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.10 Search vendor "Stunnel" for product "Stunnel" and version "3.10" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.11 Search vendor "Stunnel" for product "Stunnel" and version "3.11" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.12 Search vendor "Stunnel" for product "Stunnel" and version "3.12" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.13 Search vendor "Stunnel" for product "Stunnel" and version "3.13" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.14 Search vendor "Stunnel" for product "Stunnel" and version "3.14" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.15 Search vendor "Stunnel" for product "Stunnel" and version "3.15" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.16 Search vendor "Stunnel" for product "Stunnel" and version "3.16" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.17 Search vendor "Stunnel" for product "Stunnel" and version "3.17" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.18 Search vendor "Stunnel" for product "Stunnel" and version "3.18" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.19 Search vendor "Stunnel" for product "Stunnel" and version "3.19" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.20 Search vendor "Stunnel" for product "Stunnel" and version "3.20" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.21 Search vendor "Stunnel" for product "Stunnel" and version "3.21" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 3.22 Search vendor "Stunnel" for product "Stunnel" and version "3.22" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 4.0 Search vendor "Stunnel" for product "Stunnel" and version "4.0" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 4.01 Search vendor "Stunnel" for product "Stunnel" and version "4.01" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 4.02 Search vendor "Stunnel" for product "Stunnel" and version "4.02" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 4.03 Search vendor "Stunnel" for product "Stunnel" and version "4.03" | - |
Affected
| ||||||
Stunnel Search vendor "Stunnel" | Stunnel Search vendor "Stunnel" for product "Stunnel" | 4.04 Search vendor "Stunnel" for product "Stunnel" and version "4.04" | - |
Affected
|