Vulnerability & Exploit Database

Back to search

SUSE Linux Security Vulnerability: CVE-2011-1945

Severity CVSS Published Added Modified
3 (AV:N/AC:H/Au:N/C:P/I:N/A:N) May 31, 2011 December 12, 2013 July 04, 2017

Description

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

suse-upgrade-libopenssl-devel

Related Vulnerabilities