Security Advisory

CVE-2011-1945

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-05-31 20:00:00

Last updated 2024-08-06 22:46:00

Assigner redhat

State PUBLISHED

Description

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

← Browse all CVEs View on cve.org ↗