Debian update for openssl
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2003-0078 |
| CWE-ID | CWE-200 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system |
| Vendor | Debian |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Vaudenay timing attack
EUVDB-ID: #VU258
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2003-0078
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause an information leak.
The vulnerability exists due to ssl3_get_record in s3_pkt.c does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy). A remote unauthenticated attacker can launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack".
Successful exploitation of this vulnerability may result in disclosure of system information.
Update the affected package to version: 0.9.6c-2.woody.2, 0.9.6c-0.potato.5, 0.9.7a-1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://www.openssl.org/news/vulnerabilities.html#y2002
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
