ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
CVSS v2.0 Score: 5.0 / 10.0 (MEDIUM)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Information
- Published: 3 March 2003
- Updated: 16 April 2026
- Status: Modified
- Source: cve@mitre.org
Affected products
- openssl openssl, versions: 0.9.6i, 0.9.7
- freebsd freebsd, versions: 4.2, 4.3, 4.4, 4.5, 4.6
- openbsd openbsd, versions: 3.1, 3.2
Weaknesses (CWE)
CWE-203
References (40)
- http://marc.info/?l=bugtraq&m=104567627211904&w=2 (Third Party Advisory)
- http://marc.info/?l=bugtraq&m=104568426824439&w=2 (Third Party Advisory)
- http://marc.info/?l=bugtraq&m=104577183206905&w=2 (Third Party Advisory)
- http://www.debian.org/security/2003/dsa-253 (Broken Link, Vendor Advisory)
- http://www.iss.net/security_center/static/11369.php (Broken Link, Vendor Advisory)
- http://www.openssl.org/news/secadv_20030219.txt (Broken Link, Patch, Vendor Advisory)
- http://www.osvdb.org/3945 (Broken Link)