OVAL Reference oval:org.opensuse.security:def:20030078

Oval Definition:

oval:org.opensuse.security:def:20030078

Revision Date:	2015-11-16	Version:	1
Title:	CVE-2003-0078
Description:	ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2003-0078
Platform(s):	SuSE Firewall on CD 2 SuSE Firewall on CD 2 - VPN SuSE Linux Enterprise Server 7 for IA32 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Office Server SuSE Linux Openexchange Server 4 UnitedLinux 1.0	Product(s):