VDB
CERTCC-2003-888801
CERTCC-2003-888801
PUBLISHED
SSL/TLS implementations that respond distinctively to an incorrect PKCS #1 v1.5 encoded SSL/TLS version number expose the premaster secret to a modified Bleichenbacher attack. An attacker could decrypt a given SSL/TLS session or forge a signature on behalf of a vulnerable application's private RSA key.
Timeline
- Mar 19, 2003 CVE Published
- Aug 25, 2004 CVE Updated
- Mar 17, 2026 Security Advisory
References
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension url
- SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension advisory