7.5
CVSSv3

CVE-2015-3193

Published: 06/12/2015 Updated: 21/11/2024

Vulnerability Summary

The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl 1.0.2

openssl openssl 1.0.2a

openssl openssl 1.0.2b

openssl openssl 1.0.2c

openssl openssl 1.0.2d

nodejs node.js

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 15.04

canonical ubuntu linux 15.10

Vendor Advisories

Several security issues were fixed in OpenSSL ...
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5pl in OpenSSL 102 before 102e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffi ...
On December 3, 2015, the OpenSSL Project released a security advisory detailing five vulnerabilities Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition This advisory will be updated as addi ...

Exploits

Orion Elite Hidden IP Browser Pro versions 10 through 79 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities ...

Github Repositories

Code to fuzz bignum libraries

bignum-fuzz Code to fuzz bignum libraries CVE-2015-3193-openssl-vs-gcrypt-modexpc This is a simple test that will do a calculation that some versions of OpenSSL will get wrong and compare the result with libgcrypt openssl-vs-gcrypt-modexpc This is a sample code to fuzz the BN_mod_exp() function of OpenSSL and the gcry_mpi_powm() function of libgcrypt Usage instructions are