#VU258 Vaudenay timing attack in OpenSSL - CVE-2003-0078
Published: August 2, 2016 / Updated: September 14, 2018
Vulnerability identifier: #VU258
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green
CVE-ID: CVE-2003-0078
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
OpenSSL
OpenSSL
Software vendor:
OpenSSL Software Foundation
OpenSSL Software Foundation
Description
The vulnerability allows a remote attacker to cause an information leak.
The vulnerability exists due to ssl3_get_record in s3_pkt.c does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy). A remote unauthenticated attacker can launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack".
Successful exploitation of this vulnerability may result in disclosure of system information.
The vulnerability exists due to ssl3_get_record in s3_pkt.c does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy). A remote unauthenticated attacker can launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack".
Successful exploitation of this vulnerability may result in disclosure of system information.
Remediation
Upgrade your version to OpenSSL 0.9.7a, OpenSSL 0.9.6i.