CVE-2011-1945

OpenSSL < 1.0.0d - ECDSA Private Key Exposure via Timing Attack

Title source: llm

Description

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

References (11)

Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:136
US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MAPG-8FENZ3
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:137
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2309
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT5784
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/8760466
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/536044
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/8764170
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/44935
Exploit x_refsource_misc
http://eprint.iacr.org/2011/232.pdf

Scores

EPSS 0.0485
EPSS Percentile 89.7%

Details

CWE
CWE-310
Status published
Products (34)
openssl/openssl 0.9.1c
openssl/openssl 0.9.2b
openssl/openssl 0.9.3
openssl/openssl 0.9.3a
openssl/openssl 0.9.4
openssl/openssl 0.9.5 (3 CPE variants)
openssl/openssl 0.9.5a (3 CPE variants)
openssl/openssl 0.9.6 (4 CPE variants)
openssl/openssl 0.9.6a (4 CPE variants)
openssl/openssl 0.9.6b
... and 24 more
Published May 31, 2011
Tracked Since Feb 18, 2026