Vulnerability CVE-2004-2682 - CERT Civis.Net

Vulnerability Name:

CVE-2004-2682 (CCN-11547)

Assigned:

2003-03-13

Published:

2003-03-13

Updated:

2008-09-05

Summary:

PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal), a related issue to CVE-2003-0147.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: CCN
Type: SGI Security Advisory 20030501-01-I
Multiple Security Vulnerabilities in OpenSSL

Source: CCN
Type: BugTraq Mailing List, Fri Mar 21 2003 - 13:29:28 CST
Stunnel: RSA timing attacks / key discovery

Source: CCN
Type: VulnWatch Mailing List, Thu Mar 13 2003 - 23:05:37 CST
OpenSSL Private Key Disclosure

Source: MITRE
Type: CNA
CVE-2003-0147

Source: MITRE
Type: CNA
CVE-2004-2682

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:625
openssl

Source: CCN
Type: AppleCare Knowledge Base Document 120199
Security Update 2003-03-24 for Mac OS X: Information and Download

Source: CCN
Type: Apple Computer, Inc. Security Updates
Security Update 2003-03-24

Source: CCN
Type: OpenSSL Web site
RSA_blinding_on(3)

Source: CCN
Type: Oracle Security Alert #62
SSL Update for CERT CA200326 and older SSL issues

Source: CCN
Type: RHSA-2003-101
Updated OpenSSL packages fix vulnerabilities

Source: CCN
Type: RHSA-2003-102
openssl security update

Source: CCN
Type: RHSA-2003-205
Updated OpenSSL packages fix vulnerabilities

Source: CCN
Type: Sun Alert ID: 56380
Timing Based Attack Vulnerabilities in the Java Secure Socket Extension

Source: CCN
Type: CIAC Information Bulletin N-061
OpenSSL Timing-based Attacks on RSA Keys

Source: CCN
Type: CIAC Information Bulletin N-141
Timing based attack vulnerabilities in the JAVA Secure Socket Extension

Source: DEBIAN
Type: DSA-288
openssl -- several vulnerabilities

Source: CCN
Type: US-CERT VU#997481
Cryptographic libraries and applications do not adequately defend against timing attacks

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20030320-010
Several vulnerabilities in the OpenSSL toolkit

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20010426-01
openssl -- There are four potential vulnerabilities in openssl.

Source: CCN
Type: Gentoo Linux Security Announcement 200303-15
openssl buffer overflow vulnerability

Source: CCN
Type: Immunix Secured OS Security Advisory IMNX-2003-7+-001-01
openssl, openssh, mod_ssl

Source: CCN
Type: MatrixSSL Archives
Security Advisories - RSA Blinding

Source: CONFIRM
Type: UNKNOWN
http://www.matrixssl.org/archives/000075.html

Source: CCN
Type: OpenPKG-SA-2003.019
OpenSSL

Source: CCN
Type: OpenSSL Security Advisory [17 March 2003]
Timing-based attacks on RSA keys

Source: CCN
Type: BID-7101
OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability

Source: CCN
Type: slackware-security Mailing List, Tue May 20 20:13:09 PDT 2003
[slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05)

Source: CCN
Type: Stunnel Web site
Stunnel.org

Source: CCN
Type: Trustix Secure Linux Security Advisory #2003-0010
openssl -- Secret key recovery

Source: CCN
Type: TLSA-2003-22
The RSA key is decoded

Source: XF
Type: UNKNOWN
ssl-rsa-information-leak(11547)

Vulnerable Configuration:

Configuration 1:

cpe:/a:peersec_networks:matrixssl:*:*:*:*:*:*:*:* (Version <= 1.0)

Configuration CCN 1:

cpe:/a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*

OR cpe:/a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*

AND

cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:database_server:8.1.7:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*

OR cpe:/o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.01:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*

OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*

OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/o:engardelinux:secure_professional:-:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*

OR cpe:/a:oracle:application_server:9.0.2:*:*:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:1.1:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*

OR cpe:/a:openpkg:openpkg:1.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:application_server:9.0.3:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:sgi:irix:6.5.19:*:*:*:*:*:*:*

OR cpe:/a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*

OR cpe:/a:oracle:http_server:9.2.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:http_server:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:http_server:8.1.7:*:*:*:*:*:*:*

OR cpe:/a:sun:jsse:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.0::ppc:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.1::ia64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*

Denotes that component is vulnerable