← back
CVE-2007-3108

CVE-2007-3108

EPSS 0.4%
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cvs.openssl.org/chngview?cn=16275http://lists.vmware.com/pipermail/security-announce/2008/000002.htmlhttp://openssl.org/news/patch-CVE-2007-3108.txthttp://secunia.com/advisories/26411http://secunia.com/advisories/26893http://secunia.com/advisories/27021http://secunia.com/advisories/27078http://secunia.com/advisories/27097http://secunia.com/advisories/27205http://secunia.com/advisories/27330http://secunia.com/advisories/27770http://secunia.com/advisories/27870