CVE-2014-0076

LOW

Description

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

References

http://advisories.mageia.org/MGASA-2014-0165.html

http://eprint.iacr.org/2014/140

http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html

http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html

http://marc.info/?l=bugtraq&m=140266410314613&w=2

http://marc.info/?l=bugtraq&m=140317760000786&w=2

http://marc.info/?l=bugtraq&m=140389274407904&w=2

http://marc.info/?l=bugtraq&m=140389355508263&w=2

http://marc.info/?l=bugtraq&m=140448122410568&w=2

http://marc.info/?l=bugtraq&m=140482916501310&w=2

http://marc.info/?l=bugtraq&m=140621259019789&w=2

http://marc.info/?l=bugtraq&m=140752315422991&w=2

http://marc.info/?l=bugtraq&m=140904544427729&w=2

http://secunia.com/advisories/58492

http://secunia.com/advisories/58727

http://secunia.com/advisories/58939

http://secunia.com/advisories/59040

http://secunia.com/advisories/59162

http://secunia.com/advisories/59175

http://secunia.com/advisories/59264

http://secunia.com/advisories/59300

http://secunia.com/advisories/59364

http://secunia.com/advisories/59374

http://secunia.com/advisories/59413

http://secunia.com/advisories/59438

http://secunia.com/advisories/59445

http://secunia.com/advisories/59450

http://secunia.com/advisories/59454

http://secunia.com/advisories/59490

http://secunia.com/advisories/59495

http://secunia.com/advisories/59514

http://secunia.com/advisories/59655

http://secunia.com/advisories/59721

http://secunia.com/advisories/60571

http://support.apple.com/kb/HT6443

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm

http://www.mandriva.com/security/advisories?name=MDVSA-2014:067

http://www.mandriva.com/security/advisories?name=MDVSA-2015:062

http://www.novell.com/support/kb/doc.php?id=7015264

http://www.novell.com/support/kb/doc.php?id=7015300

http://www.openssl.org/news/secadv_20140605.txt

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.securityfocus.com/bid/66363

http://www.ubuntu.com/usn/USN-2165-1

http://www-01.ibm.com/support/docview.wss?uid=isg400001841

http://www-01.ibm.com/support/docview.wss?uid=isg400001843

http://www-01.ibm.com/support/docview.wss?uid=swg21673137

http://www-01.ibm.com/support/docview.wss?uid=swg21676035

http://www-01.ibm.com/support/docview.wss?uid=swg21676062

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

http://www-01.ibm.com/support/docview.wss?uid=swg21676419

http://www-01.ibm.com/support/docview.wss?uid=swg21676424

http://www-01.ibm.com/support/docview.wss?uid=swg21676501

http://www-01.ibm.com/support/docview.wss?uid=swg21676655

http://www-01.ibm.com/support/docview.wss?uid=swg21677695

http://www-01.ibm.com/support/docview.wss?uid=swg21677828

https://bugs.gentoo.org/show_bug.cgi?id=505278

https://bugzilla.novell.com/show_bug.cgi?id=869945

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

https://kc.mcafee.com/corporate/index?page=content&id=SB10075

Details

Source: MITRE

Published: 2014-03-25

Updated: 2017-12-16

Type: CWE-310

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 1.0.0l (inclusive)

Tenable Plugins

View all (62 total)

IDNameProductFamilySeverity
144766IBM HTTP Server 8.0.x < 8.0.0.9 / 8.5.x < 8.5.5.3 (247195)NessusWeb Servers
low
89651openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)NessusSuSE Local Security Checks
critical
88991Cisco NX-OS OpenSSL Multiple VulnerabilitiesNessusCISCO
high
88989Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCup22487)NessusCISCO
medium
87676VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0004) (Heartbleed)NessusMisc.
medium
86710Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)NessusMisc.
medium
83620SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0539-1)NessusSuSE Local Security Checks
medium
83619SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0538-1)NessusSuSE Local Security Checks
medium
82315Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)NessusMandriva Local Security Checks
high
81782IBM Rational ClearQuest 7.1.1.x / 7.1.2.x < 7.1.2.13.01 / 8.0.0.x < 8.0.0.10.01 / 8.0.1.x < 8.0.1.3.01 OpenSSL Library Multiple Vulnerabilities (credentialed check) (Heartbleed)NessusWindows
medium
81401IBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE)NessusWeb Servers
medium
80915Oracle VM VirtualBox < 3.2.26 / 4.0.28 / 4.1.36 / 4.2.28 / 4.3.20 Multiple Vulnerabilities (January 2015 CPU)NessusWindows
medium
80721Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl4) (Heartbleed)NessusSolaris Local Security Checks
high
80720Oracle Solaris Third-Party Patch Update : openssl (cve_2010_5298_race_conditions)NessusSolaris Local Security Checks
high
80479IBM Tivoli Access Manager for e-Business < 6.0.0.33 / 6.1.0.14 / 6.1.1.10 SSL Multiple VulnerabilitiesNessusMisc.
low
8394Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004)Nessus Network MonitorWeb Clients
critical
77749Mac OS X Multiple Vulnerabilities (Security Update 2014-004)NessusMacOS X Local Security Checks
critical
77748Mac OS X 10.9.x < 10.9.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
77635EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-079)NessusWindows
high
77438IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.3 Multiple VulnerabilitiesNessusWeb Servers
medium
77200OpenSSL 'ChangeCipherSpec' MiTM VulnerabilityNessusMisc.
medium
77152HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusSuSE Local Security Checks
high
77151HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusRed Hat Local Security Checks
high
77150HP Version Control Agent (VCA) < 7.3.3 Multiple SSL VulnerabilitiesNessusWindows
medium
77020HP Systems Insight Manager 7.2.x < 7.2 Hotfix 37 / 7.3.x < 7.3 Hotfix 34 OpenSSL Multiple VulnerabilitiesNessusWindows
medium
76995IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple VulnerabilitiesNessusWeb Servers
high
76580McAfee VirusScan Enterprise for Linux Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76579McAfee Email Gateway OpenSSL Multiple Vulnerabilities (SB10075)NessusMisc.
medium
76492Mac OS X : Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL VulnerabilitiesNessusMacOS X Local Security Checks
medium
76491Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL VulnerabilitiesNessusWindows
medium
76490Ipswitch IMail Server 11.x / 12.x < 12.4.1.15 Multiple Vulnerabilities (Heartbleed)NessusMisc.
medium
76390HP Version Control Repository Manager Multiple Vulnerabilities (HPSBMU03056)NessusWindows
medium
76345HP System Management Homepage < 7.2.4.1 / 7.3.3.1 OpenSSL Multiple VulnerabilitiesNessusWeb Servers
medium
76146McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76145McAfee ePolicy Orchestrator Multiple OpenSSL Vulnerabilities (SB10075)NessusMisc.
medium
76131Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSLNessusCISCO
medium
76130Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSLNessusCISCO
low
76129Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)NessusWindows
medium
75310openSUSE Security Update : openssl (openSUSE-SU-2014:0480-1)NessusSuSE Local Security Checks
low
74363OpenSSL 0.9.8 < 0.9.8za Multiple VulnerabilitiesNessusWeb Servers
medium
74326OpenSSL 'ChangeCipherSpec' MiTM Potential VulnerabilityNessusMisc.
medium
74288IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple Vulnerabilities (Linux)NessusGeneral
low
74287IBM Global Security Kit 7 < 7.0.4.50 / 8.0.14.x < 8.0.14.43 / 8.0.50.x < 8.0.50.20 Multiple VulnerabilitiesNessusWindows
low
74104IBM General Parallel File System 3.5 < 3.5.0.17 Multiple OpenSSL Vulnerabilities (Heartbleed)NessusWindows
medium
73917ESXi 5.5 < Build 1746974 / 5.5 Update 1 < Build 1746018 OpenSSL Library Multiple Vulnerabilities (remote check) (Heartbleed)NessusMisc.
medium
73896VMware Horizon Workspace 1.8 < 1.8.1 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)NessusMisc.
medium
73851VMSA-2014-0004 : VMware product updates address OpenSSL security vulnerabilitiesNessusVMware ESX Local Security Checks
high
73674VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)NessusWindows
medium
73673VMware Workstation 10.x < 10.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)NessusGeneral
medium
73672VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)NessusWindows
medium
73671VMware Player 6.x < 6.0.2 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Linux) (Heartbleed)NessusGeneral
medium
73670VMware Fusion 6.x < 6.0.3 OpenSSL Library Multiple Vulnerabilities (VMSA-2014-0004) (Heartbleed)NessusMacOS X Local Security Checks
medium
73599Debian DSA-2908-1 : openssl - security updateNessusDebian Local Security Checks
medium
73592SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 9073)NessusSuSE Local Security Checks
medium
73487FreeBSD : OpenSSL -- Local Information Disclosure (7ccd4def-c1be-11e3-9d09-000c2980a9f3)NessusFreeBSD Local Security Checks
low
73443Mandriva Linux Security Advisory : openssl (MDVSA-2014:067)NessusMandriva Local Security Checks
medium
8194OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities (Heartbleed)Nessus Network MonitorWeb Servers
medium
73409Slackware 14.0 / 14.1 / current : openssl (SSA:2014-098-01)NessusSlackware Local Security Checks
high
73407GLSA-201404-07 : OpenSSL: Information DisclosureNessusGentoo Local Security Checks
high
73404OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities (Heartbleed)NessusWeb Servers
medium
73403OpenSSL 1.0.0 < 1.0.0m Multiple VulnerabilitiesNessusWeb Servers
high
73402Ubuntu 12.04 LTS / 12.10 / 13.10 : openssl vulnerabilities (USN-2165-1)NessusUbuntu Local Security Checks
high