CVE-2003-0131
EPSS 17.9%openssl - several vulnerabilities
發布日:2003/3/24修改日:2026/4/28
描述
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
受影響套件(2)
- Debian/opensslfrom 0, < 0.9.7b-1
- Debian/opensslfrom 0, < 0.9.6c-2.woody.3