CVE-2011-4354: OpenSSL vulnerability

CWE-310 | 8 documents | 8 sources
Severity: 5.8 MEDIUM (NVD)
EPSS: 0.2% (top 57.01%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 27; Latest update Dec 29

Description

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.

CVSS vector

AV:N/AC:M/C:P/I:P/A:N
Exploitability: 8.6 | Impact: 4.9

Affected Packages (3 packages)

debian: debian/openssl < openssl 0.9.8o-4squeeze3 (bookworm)
Debian: openssl/openssl < 0.9.8o-4squeeze3 (+3)
NVD: openssl/openssl 0.9.8g (+42)

🔴 Vulnerability Details (2)

GHSA: GHSA-wph7-m6hx-9r8m: crypto/bn/bn_nist (2022-05-17)
OSV: CVE-2011-4354: crypto/bn/bn_nist (2012-01-27)

📋 Vendor Advisories (3)

Ubuntu: OpenSSL vulnerabilities (2012-02-09)
Red Hat: openssl: ECC private leak (disclosure of TLS server's private key) (2011-11-24)
Debian: CVE-2011-4354: openssl - crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stu... (2011)

📄 Research Papers (1)

arXiv: One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware (2022-12-29)

💬 Community (1)

Bugzilla: CVE-2011-4354 openssl: ECC private leak (disclosure of TLS server's private key) (2011-11-28)