Unrated severityNVD Advisory· Published Mar 31, 2003· Updated Apr 16, 2026
CVE-2003-0147
CVE-2003-0147
Description
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
Affected products
35cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/997481nvdThird Party AdvisoryUS Government Resource
- ftp.sco.com/pub/security/OpenLinux/CSSA-2003-014.0.txtnvd
- patches.sgi.com/support/free/security/advisories/20030501-01-Invd
- crypto.stanford.edu/~dabo/papers/ssl-timing.pdfnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- www.debian.org/security/2003/dsa-288nvd
- www.gentoo.org/security/en/glsa/glsa-200303-23.xmlnvd
- www.mandrakesecure.net/en/advisories/advisory.phpnvd
- www.openpkg.com/security/advisories/OpenPKG-SA-2003.019.htmlnvd
- www.openssl.org/news/secadv_20030317.txtnvd
- www.redhat.com/support/errata/RHSA-2003-101.htmlnvd
- www.redhat.com/support/errata/RHSA-2003-102.htmlnvd
- www.securityfocus.com/archive/1/316165/30/25370/threadednvd
- www.securityfocus.com/archive/1/316577/30/25310/threadednvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A466nvd
News mentions
0No linked articles in our index yet.