FreeBSD : OpenSSL -- timing vulnerability (6f170cf2-e6b7-11e8-a9a8-b499baebfeaf)
Low Nessus Plugin ID 118901
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe OpenSSL project reports :
Microarchitecture timing vulnerability in ECC scalar multiplication.
Severity: Low OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key.
SolutionUpdate the affected package.