Description

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.

Remediation

References

CVE-2011-4354

Related Vulnerabilities

Sqlite Divide By Zero Vulnerability (CVE-2019-16168)

Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Upload (2.0.21)

BigDoor Quick Gamification for WordPress Cross-Site Scripting (1.0.5)

Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-24899)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4297)

Severity

Medium

Classification

CVE-2011-4354

Tags

Missing Update Known Vulnerabilities