Vulnerability & Exploit Database

Back to search

SUSE Linux Security Vulnerability: CVE-2011-1945

Severity CVSS Published Added Modified
3 (AV:N/AC:H/Au:N/C:P/I:N/A:N) May 30, 2011 December 11, 2013 July 03, 2017

Description

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

suse-upgrade-libopenssl-devel

Related Vulnerabilities