Vulnerability & Exploit Database

Back to search

SUSE Linux Security Vulnerability: CVE-2011-1945

Severity CVSS Published Added Modified
3 (AV:N/AC:H/Au:N/C:P/I:N/A:N) May 31, 2011 December 12, 2013 July 04, 2017


The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now




Related Vulnerabilities