1.2 CVE-2007-3108
Patch
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
https://nvd.nist.gov/vuln/detail/CVE-2007-3108
Categories
CWE-NVD-Other
References
BID Patch
| 25163 Patch |
BUGTRAQ
CERT-VN
| VU#724968 US Government Resource |
CONFIRM
DEBIAN
GENTOO
MANDRIVA
OVAL
REDHAT
SECUNIA
UBUNTU
VUPEN
_MLIST
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* | <= 0.9.8e | |
REMEDIATION
Patch
| Url |
|---|
| 25163 |
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
Other (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
MITRE
Sherlock® flash
Take a picture of your computer network in a few clicks !
The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.
