Rapid7 Vulnerability & Exploit Database

OpenSSL RSA key blinding disabled allows timing attack (CVE-2003-0147)

Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published: 03/31/2003
Created: 07/25/2018
Added: 11/01/2004
Modified: 01/12/2015

Description

OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).

Solution(s)

  • http-openssl-0_9_6-upgrade-0_9_6_j
  • http-openssl-0_9_7-upgrade-0_9_7_b
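
What RSA blinding changes in the private-key operation named in the description, shown as an added example (not code from Rapid7 or OpenSSL). The toy key, the function names and the `trace` parameter are assumptions for illustration; Python's `pow` is not constant-time, so this shows only the algebra of the mitigation.

```python
import math
import secrets

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def private_op_unblinded(c):
    """c^d mod n computed directly on the caller-supplied value.

    The exponentiation input is fully chosen by the peer, so any
    input-dependent timing can be correlated with the secret factors.
    """
    return pow(c, D, N)


def private_op_blinded(c, trace=None):
    """Same result, but the exponentiation runs on c * r^e mod n."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # fresh random r per operation
        if math.gcd(r, N) == 1:               # r must be invertible mod n
            break
    blinded = (c * pow(r, E, N)) % N          # peer cannot predict this value
    if trace is not None:
        trace.append(blinded)                 # record what the exponentiation saw
    m_blinded = pow(blinded, D, N)            # (c * r^e)^d = c^d * r  (mod n)
    return (m_blinded * pow(r, -1, N)) % N    # strip r to recover c^d


if __name__ == "__main__":
    c = pow(123456789, E, N)                  # constructed sample ciphertext
    seen = []
    results = {private_op_blinded(c, seen) for _ in range(5)}
    print("plaintext(s):", results)
    print("distinct exponentiation inputs:", len(set(seen)))
```

Repeated calls on the same ciphertext return the same plaintext while the value fed to the exponentiation differs every time, which is what breaks the correlation between attacker-chosen input and measured timing.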
