{"vuid":"VU#724968","idnumber":"724968","name":"RSA key reconstruction vulnerability","keywords":["OpenSSL","RSA","Montgomery multiplication algorithm","extra reduction step","side-channel attack"],"overview":"Various implementations of RSA may contain a vulnerability that could allow an attacker to retrieve encryption keys.","clean_desc":"Some implementations of RSA may contain a vulnerability that could allow a local attacker to retrieve encryption keys. OpenSSL is a widely used open source implementation of the SSL and TLS protocols. OpenSSL is based on the SSLeay library. OpenSSL provides support for the RSA encryption algorithm. Note that vendors may include a vulnerable version of OpenSSL in web servers, VPNs, or other products.","impact":"An attacker could possibly decrypt messages that were encrypted with OpenSSL using the RSA algorithm.","resolution":"Apply a patch\nOpenSSL has released a patch to address this issue. See http://openssl.org/news/patch-CVE-2007-3108.txt for more details. See the systems affected portion of this document for a partial list of other vendors who may be affected.","workarounds":"","sysaffected":"","thanks":"Thanks to Dr. Onur Aciicmez, Samsung Information Systems America, Samsung Electronics R&D Center, USA, and Prof. Werner Schindler, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany for reporting this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://openssl.org/news/patch-CVE-2007-3108.txt","http://cvs.openssl.org/chngview?cn=16275","http://www.openssl.org/docs/apps/rsa.html#","http://en.wikipedia.org/wiki/Rsa"],"cveids":["CVE-2007-3108"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-06-25T15:52:45Z","publicdate":"2007-08-02T00:00:00Z","datefirstpublished":"2007-08-01T15:03:28Z","dateupdated":"2007-08-28T14:18:46Z","revision":27,"vrda_d1_directreport":"1","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"2","cam_exploitation":"0","cam_internetinfrastructure":"12","cam_population":"18","cam_impact":"15","cam_easeofexploitation":"5","cam_attackeraccessrequired":"5","cam_scorecurrent":"1.771875","cam_scorecurrentwidelyknown":"4.05","cam_scorecurrentwidelyknownexploited":"6.58125","ipprotocol":"","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":1.771875,"vulnote":null}