CVE-2014-3570
OpenSSL < 0.9.8zd, 1.0.0 < 1.0.0p, 1.0.1 < 1.0.1k - Cryptographic Protection Bypass via BN_sqr BIGNUM Calculation
Title source: llmExploitation Summary
EIP tracks 4 public exploits for CVE-2014-3570. PoCs published by uthrasri.
AI-analyzed exploit summary This repository contains assembly implementations for Montgomery multiplication and other cryptographic operations, targeting CVE-2014-3570 (a vulnerability in OpenSSL). The code includes hand-optimized assembly for various architectures (Alpha, ARM, x86, etc.) to improve performance in cryptographic operations.
Description
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
Exploits (4)
This repository contains assembly implementations for Montgomery multiplication and other cryptographic operations, targeting CVE-2014-3570 (a vulnerability in OpenSSL). The code includes hand-optimized assembly for various architectures (Alpha, ARM, x86, etc.) to improve performance in cryptographic operations.
The repository contains directory handling code for various platforms but lacks exploit-specific logic for CVE-2014-3570. No offensive techniques or vulnerability triggers are present.
The repository contains partial OpenSSL source code and configuration files but lacks a functional exploit or proof-of-concept for CVE-2014-3570. The files appear to be part of a larger project but do not demonstrate the vulnerability.
The repository contains partial source code files related to OpenSSL and MacOS networking utilities, but lacks executable exploit code or clear demonstration of CVE-2014-3570 exploitation. The files appear to be part of a larger project but do not provide a functional PoC.