NuytsTech Security

CVE-2007-3108

by ·

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.

Date published : 2007-08-07

http://www.securityfocus.com/bid/25163

http://www.securityfocus.com/archive/1/476341/100/0/threaded

Tags: