OpenSSL ECDSA Timing Attack Local Information Disclosure Vulnerability

Bugtraq ID: 47888
Class: Design Error
CVE: CVE-2011-1945
Remote: No
Local: Yes
Published: May 17 2011 12:00AM
Updated: Dec 10 2013 12:56AM
Credit: Billy Bob Brumley and Nicola Tuveri
Vulnerable: Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
OpenSSL Project OpenSSL 1.0.2
OpenSSL Project OpenSSL 1.0 beta3
OpenSSL Project OpenSSL 1.0 Beta2
OpenSSL Project OpenSSL 1.0 beta1
OpenSSL Project OpenSSL 1.0
OpenSSL Project OpenSSL 0.9.8 k
OpenSSL Project OpenSSL 0.9.8 j
OpenSSL Project OpenSSL 0.9.8 i
OpenSSL Project OpenSSL 0.9.8 h
OpenSSL Project OpenSSL 0.9.8 e
OpenSSL Project OpenSSL 0.9.8 d
OpenSSL Project OpenSSL 0.9.8 c
OpenSSL Project OpenSSL 0.9.8 b
OpenSSL Project OpenSSL 0.9.8 a
OpenSSL Project OpenSSL 0.9.8
+ Gentoo Linux
OpenSSL Project OpenSSL 1.0.0c
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0b
OpenSSL Project OpenSSL 1.0.0A
OpenSSL Project OpenSSL 1.0.0a
OpenSSL Project OpenSSL 1.0.0 Beta5
OpenSSL Project OpenSSL 1.0.0 Beta4
OpenSSL Project OpenSSL 0.9.8Q
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8p
OpenSSL Project OpenSSL 0.9.8O
OpenSSL Project OpenSSL 0.9.8o
OpenSSL Project OpenSSL 0.9.8N
OpenSSL Project OpenSSL 0.9.8n
OpenSSL Project OpenSSL 0.9.8M
OpenSSL Project OpenSSL 0.9.8m
OpenSSL Project OpenSSL 0.9.8l
OpenSSL Project OpenSSL 0.9.8g
OpenSSL Project OpenSSL 0.9.8f
OpenSSL Project OpenSSL 0.9.8 f
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
HP System Management Homepage 6.2.2 7
HP System Management Homepage 6.0 .96
HP System Management Homepage 3.0.2 .77
HP System Management Homepage 3.0.1 .73
HP System Management Homepage 3.0 .68
HP System Management Homepage 3.0 .64
HP System Management Homepage 6.3
HP System Management Homepage 6.2.0-12
HP System Management Homepage 6.2
HP System Management Homepage 6.2
HP System Management Homepage 6.1.0.103
HP System Management Homepage 6.1.0.102
HP System Management Homepage 6.1.0-103
HP System Management Homepage 6.1
HP System Management Homepage 6.0.0.95
HP System Management Homepage 6.0.0-95
HP System Management Homepage 6.0
HP System Management Homepage 3.0.2.77 B
HP System Management Homepage 3.0.2-77
HP System Management Homepage 3.0.1-73
HP System Management Homepage 3.0.0-68
HP System Management Homepage 0
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable: HP System Management Homepage 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus