CVE Vulnerabilities

CVE-2005-1797

Published: May 26, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Affected Software

Name Vendor Start Version End Version
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.6i 0.9.6i
Openssl Openssl 0.9.3 0.9.3
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7c 0.9.7c
Openssl Openssl 0.9.6d 0.9.6d
Openssl Openssl 0.9.1c 0.9.1c
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.4 0.9.4
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.6f 0.9.6f
Openssl Openssl 0.9.6l 0.9.6l
Openssl Openssl 0.9.6e 0.9.6e
Openssl Openssl 0.9.7d 0.9.7d
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.6b 0.9.6b
Openssl Openssl 0.9.7b 0.9.7b
Openssl Openssl 0.9.6k 0.9.6k
Openssl Openssl 0.9.6g 0.9.6g
Openssl Openssl 0.9.6h 0.9.6h
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.6j 0.9.6j
Openssl Openssl 0.9.7a 0.9.7a
Openssl Openssl 0.9.6c 0.9.6c
Openssl Openssl 0.9.6m 0.9.6m
Openssl Openssl 0.9.2b 0.9.2b
Openssl Openssl 0.9.5 0.9.5

References