CVE-2011-1945
Vulnerability from cvelistv5
Published
2011-05-31 20:00
Modified
2024-08-06 22:46
Severity ?
Summary
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:46:00.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:136",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:136"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/MAPG-8FENZ3"
          },
          {
            "name": "MDVSA-2011:137",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:137"
          },
          {
            "name": "DSA-2309",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2309"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5784"
          },
          {
            "name": "APPLE-SA-2013-06-04-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
          },
          {
            "name": "openSUSE-SU-2011:0634",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://hermes.opensuse.org/messages/8760466"
          },
          {
            "name": "VU#536044",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/536044"
          },
          {
            "name": "SUSE-SU-2011:0636",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://hermes.opensuse.org/messages/8764170"
          },
          {
            "name": "44935",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44935"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://eprint.iacr.org/2011/232.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-09-07T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "MDVSA-2011:136",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:136"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kb.cert.org/vuls/id/MAPG-8FENZ3"
        },
        {
          "name": "MDVSA-2011:137",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:137"
        },
        {
          "name": "DSA-2309",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2309"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5784"
        },
        {
          "name": "APPLE-SA-2013-06-04-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
        },
        {
          "name": "openSUSE-SU-2011:0634",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://hermes.opensuse.org/messages/8760466"
        },
        {
          "name": "VU#536044",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/536044"
        },
        {
          "name": "SUSE-SU-2011:0636",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://hermes.opensuse.org/messages/8764170"
        },
        {
          "name": "44935",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44935"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://eprint.iacr.org/2011/232.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1945",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-05-09T00:00:00",
    "dateUpdated": "2024-08-06T22:46:00.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1945\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-05-31T20:55:05.267\",\"lastModified\":\"2013-06-06T03:10:23.800\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.\"},{\"lang\":\"es\",\"value\":\"El subsistema de criptograf\u00eda de curva el\u00edptica (ECC) de OpenSSL v1.0.0d y versiones anteriores, cuando el algoritmo de firma digital de la curva el\u00edmptica(ECDSA) se utiliza para el conjunto de cifrado ECDHE_ECDSA, no aplica adecuadamente las curvas sobre campos binarios, lo que hace que sea m\u00e1s f\u00e1cil para el atacantes dependientes del contexto determinar las claves privadas a trav\u00e9s de un ataque de oportunidad y un c\u00e1lculo del entramado (lattice).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":2.6},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.0d\",\"matchCriteriaId\":\"5217BC49-DA27-4B87-B639-0C2DCC738773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14D983EC-61B0-4FD9-89B5-9878E4CE4405\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC4C5F05-BC0B-478D-9A6F-7C804777BA41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F417A1-5D97-4BC4-8B97-5AC40236DA21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EDB5A09-BE86-4352-9799-A875649EDB7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6231CAA-00A8-41CE-8436-B84518014CF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70AD93B-E876-4EAB-9970-752D42E15E99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03FA9C0-24C7-46AC-92EC-7834BC34C79B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"716ADA01-38B8-4C15-A3BB-D9688DA30599\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73326F7-7DCE-4EDE-95D7-AE7AED263A14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E4742C-A983-4F00-B24F-AB280C0E876D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA2D251C-9C45-4EFE-8262-E88AB7CE713A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D81E175-E698-40EF-9601-425893FFB1FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0F25B7-A172-4300-8718-112E817A6165\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0628DF-3A4C-4078-B615-22260671EABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"52B1BE89-BAE0-4656-943B-B9B81D9B54B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D097222B-ED20-459C-9167-55751FA2C87A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86DDC8F2-7920-4A73-927E-562C89806972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"962FCB86-15AD-4399-8B7D-EC1DEA919C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180D07AE-C571-4DD6-837C-43E2A946007A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90789533-C741-4B1C-A24B-2C77B9E4DE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1520065B-46D7-48A4-B9D0-5B49F690C5B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA526B9-726A-49D5-B3CA-EBE2DA303CA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494E48E7-EF86-4860-9A53-94F6C313746E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2636B92E-47D5-42EA-9585-A2B84FBE71CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45A518E8-21BE-4C5C-B425-410AB1208E9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3AB748-E463-445C-ABAB-4FEDDFD1878B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"660E4B8D-AABA-4520-BC4D-CF8E76E07C05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"85BFEED5-4941-41BB-93D1-CD5C2A41290E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9644CC68-1E91-45E7-8C53-1E3FC9976A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"73934717-2DA3-4614-A076-D6EDA5EB0626\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E79A05-64F3-4397-952C-A5BB950C967D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"549BB01D-F322-4FE3-BDA2-4FEA8ED8568A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98693865-2E79-4BD6-9F89-1994BC9A3E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6476506-EC37-4726-82DC-D0E8254A8CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6ECEF7-CB16-4604-894B-6EB19F1CEF55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C81EF3D-4DB7-4799-9670-8D79E28CA184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8116A66-175C-4E6D-9A9B-D54C1D97D213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"382C1679-DA1D-4FA4-9D5E-B86CC5052D49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA28812-8A24-4FE1-BED9-D6D5BB023645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9894D83E-2A27-446E-8B47-9C03CF802A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55A9AC4D-E19B-431F-8679-B62F5F46BCF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A4E446D-B9D3-45F2-9722-B41FA14A6C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4EA988-FC80-4170-8933-7C6663731981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F8F53B-24A1-4877-B16E-F1917C4E4E81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75D3ACD5-905F-42BB-BE1A-8382E9D823BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"766EA6F2-7FA4-4713-9859-9971CCD2FDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BB38AEA-BAF0-4920-9A71-747C24444770\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F33EA2B-DE15-4695-A383-7A337AC38908\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261EE631-AB43-44FE-B02A-DFAAB8D35927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1365ED-4651-4AB2-A64B-43782EA2F0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC82690C-DCED-47BA-AA93-4D0C9E95B806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43B90ED1-DAB4-4239-8AD8-87E8D568D5D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C9BF2DD-85EF-49CF-8D83-0DB46449E333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86C46AB8-52E5-4385-9C5C-F63FF9DB82AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"564AA4E7-223E-48D8-B3E0-A461969CF530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A2075BD-6102-4B0F-839A-836E9585F43B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A2FA09E-2BF7-4968-B62D-00DA57F81EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02E634E-1E3D-4E44-BADA-76F92483A732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC2B07A-49EF-411F-8A4D-89435E22B043\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E9480D6-3B6A-4C41-B8C1-C3F945040772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10FF0A06-DA61-4250-B083-67E55E362677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6BA453-C150-4159-B80B-5465EFF83F11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638A2E69-8AB6-4FEA-852A-FEF16A500C1A\"}]}]}],\"references\":[{\"url\":\"http://eprint.iacr.org/2011/232.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/44935\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.apple.com/kb/HT5784\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2309\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/536044\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-8FENZ3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:136\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:137\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://hermes.opensuse.org/messages/8760466\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://hermes.opensuse.org/messages/8764170\",\"source\":\"secalert@redhat.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.