Description
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Martin Vuagnoux · textremotelinux
https://www.exploit-db.com/exploits/22264
References (20)
Core 20
Core References
Broken Link vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2003/0005
Broken Link vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20030501-01-I
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/3945
Broken Link, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/11369.php
Broken Link, Patch, Vendor Advisory x_refsource_confirm
http://www.openssl.org/news/secadv_20030219.txt
Broken Link, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2003/dsa-253
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-205.html
Broken Link vendor-advisory
x_refsource_engarde
http://www.linuxsecurity.com/advisories/engarde_advisory-2874.html
Broken Link third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/n-051.shtml
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104567627211904&w=2
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-104.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6884
Broken Link vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-001.txt.asc
Broken Link vendor-advisory
x_refsource_mandrake
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:020
Broken Link vendor-advisory
x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000570
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=104568426824439&w=2
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://marc.info/?l=bugtraq&m=104577183206905&w=2
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-082.html
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-063.html
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-062.html
Scores
EPSS
0.1307
EPSS Percentile
94.2%
Details
CWE
CWE-203
Status
published
Products (12)
freebsd/freebsd
4.2
freebsd/freebsd
4.3
freebsd/freebsd
4.4
freebsd/freebsd
4.5
freebsd/freebsd
4.6
freebsd/freebsd
4.7
freebsd/freebsd
5.0
openbsd/openbsd
3.1
openbsd/openbsd
3.2
openssl/openssl
0.9.6i
... and 2 more
Published
Mar 03, 2003
Tracked Since
Feb 18, 2026