CVE-2005-1797
CVSS5.1
发布时间 :2005-05-26 00:00:00
修订时间 :2008-09-05 16:50:07
NMCOS    

[原文]The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.


[CNNVD]Advanced Encryption Standard缓存定时密钥泄露漏洞(CNNVD-200505-1213)

        Advanced Encryption Standard (AES),又称Rijndael,的设计允许远程攻击者通过对S-box查询的定时攻击来恢复AES密钥,这在AES实施中的常数时间内难以执行。

- CVSS (基础分值)

CVSS分值: 5.1 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:openssl:openssl:0.9.4OpenSSL Project OpenSSL 0.9.4
cpe:/a:openssl:openssl:0.9.6aOpenSSL Project OpenSSL 0.9.6a
cpe:/a:openssl:openssl:0.9.5OpenSSL Project OpenSSL 0.9.5
cpe:/a:openssl:openssl:0.9.6OpenSSL Project OpenSSL 0.9.6
cpe:/a:openssl:openssl:0.9.7:beta3OpenSSL Project OpenSSL 0.9.7 beta3
cpe:/a:openssl:openssl:0.9.7:beta1OpenSSL Project OpenSSL 0.9.7 beta1
cpe:/a:openssl:openssl:0.9.6hOpenSSL Project OpenSSL 0.9.6h
cpe:/a:openssl:openssl:0.9.7OpenSSL Project OpenSSL 0.9.7
cpe:/a:openssl:openssl:0.9.2bOpenSSL Project OpenSSL 0.9.2b
cpe:/a:openssl:openssl:0.9.6gOpenSSL Project OpenSSL 0.9.6g
cpe:/a:openssl:openssl:0.9.6lOpenSSL Project OpenSSL 0.9.6l
cpe:/a:openssl:openssl:0.9.7cOpenSSL Project OpenSSL 0.9.7c
cpe:/a:openssl:openssl:0.9.6fOpenSSL Project OpenSSL 0.9.6f
cpe:/a:openssl:openssl:0.9.6bOpenSSL Project OpenSSL 0.9.6b
cpe:/a:openssl:openssl:0.9.6jOpenSSL Project OpenSSL 0.9.6j
cpe:/a:openssl:openssl:0.9.6cOpenSSL Project OpenSSL 0.9.6c
cpe:/a:openssl:openssl:0.9.7dOpenSSL Project OpenSSL 0.9.7d
cpe:/a:openssl:openssl:0.9.5aOpenSSL Project OpenSSL 0.9.5a
cpe:/a:openssl:openssl:0.9.6eOpenSSL Project OpenSSL 0.9.6e
cpe:/a:openssl:openssl:0.9.6iOpenSSL Project OpenSSL 0.9.6i
cpe:/a:openssl:openssl:0.9.7aOpenSSL Project OpenSSL 0.9.7a
cpe:/a:openssl:openssl:0.9.6kOpenSSL Project OpenSSL 0.9.6k
cpe:/a:openssl:openssl:0.9.1cOpenSSL Project OpenSSL 0.9.1c
cpe:/a:openssl:openssl:0.9.6mOpenSSL Project OpenSSL 0.9.6m
cpe:/a:openssl:openssl:0.9.6dOpenSSL Project OpenSSL 0.9.6d
cpe:/a:openssl:openssl:0.9.3OpenSSL Project OpenSSL 0.9.3
cpe:/a:openssl:openssl:0.9.7bOpenSSL Project OpenSSL 0.9.7b
cpe:/a:openssl:openssl:0.9.7:beta2OpenSSL Project OpenSSL 0.9.7 beta2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1797
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1797
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-1213
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/13785
(VENDOR_ADVISORY)  BID  13785
http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
(VENDOR_ADVISORY)  MISC  http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

- 漏洞信息

Advanced Encryption Standard缓存定时密钥泄露漏洞
中危 设计错误
2005-05-26 00:00:00 2005-10-20 00:00:00
远程  
        Advanced Encryption Standard (AES),又称Rijndael,的设计允许远程攻击者通过对S-box查询的定时攻击来恢复AES密钥,这在AES实施中的常数时间内难以执行。

- 公告与补丁

        暂无数据

- 漏洞信息

20501
Advanced Encryption Standard (AES, aka Rijndael) S-box Lookup Timing Attack

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-05-26 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Advanced Encryption Standard Cache Timing Key Disclosure Vulnerability
Design Error 13785
Yes No
2005-05-26 12:00:00 2009-07-12 02:56:00
Discovery of this issue is credited to Daniel J. Bernstein.

- 受影响的程序版本

OpenSSL Project OpenSSL 0.9.7 d
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
OpenSSL Project OpenSSL 0.9.7 c
+ OpenPKG OpenPKG 2.0
+ Slackware Linux 9.1
+ Slackware Linux 9.0
+ Slackware Linux -current
OpenSSL Project OpenSSL 0.9.7 beta3
OpenSSL Project OpenSSL 0.9.7 beta2
OpenSSL Project OpenSSL 0.9.7 beta1
OpenSSL Project OpenSSL 0.9.7 b
+ OpenPKG OpenPKG 1.3
OpenSSL Project OpenSSL 0.9.7 a
+ Conectiva Linux 9.0
+ OpenPKG OpenPKG Current
OpenSSL Project OpenSSL 0.9.7
+ Caldera OpenUnix 8.0
+ Caldera UnixWare 7.1.3
+ Caldera UnixWare 7.1.1
+ FreeBSD FreeBSD 5.0
+ OpenBSD OpenBSD 3.2
+ OpenPKG OpenPKG 1.2
OpenSSL Project OpenSSL 0.9.6 m
OpenSSL Project OpenSSL 0.9.6 l
OpenSSL Project OpenSSL 0.9.6 k
+ Blue Coat Systems CacheOS CA/SA 4.1.10
+ Blue Coat Systems Security Gateway OS 3.1
+ Blue Coat Systems Security Gateway OS 3.0
+ Blue Coat Systems Security Gateway OS 2.1.5001 SP1
+ Blue Coat Systems Security Gateway OS 2.1.9
+ Blue Coat Systems Security Gateway OS 2.0
+ Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 j
OpenSSL Project OpenSSL 0.9.6 i
+ HP Apache-Based Web Server 1.3.27 .01
+ HP Apache-Based Web Server 1.3.27 .00
+ HP HP-UX Apache-Based Web Server 1.0.1 .01
+ HP HP-UX Apache-Based Web Server 1.0 .07.01
+ HP HP-UX Apache-Based Web Server 1.0 .06.02
+ HP HP-UX Apache-Based Web Server 1.0 .06.01
+ HP HP-UX Apache-Based Web Server 1.0 .05.01
+ HP HP-UX Apache-Based Web Server 1.0 .04.01
+ HP HP-UX Apache-Based Web Server 1.0 .03.01
+ HP HP-UX Apache-Based Web Server 1.0 .02.01
+ HP HP-UX Apache-Based Web Server 1.0 .01
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.0
+ S.u.S.E. Linux Personal 8.2
OpenSSL Project OpenSSL 0.9.6 h
OpenSSL Project OpenSSL 0.9.6 g
+ Conectiva Linux Enterprise Edition 1.0
+ FreeBSD FreeBSD 4.7 -RELEASE
+ FreeBSD FreeBSD 4.7
+ HP Apache-Based Web Server 2.0.43 .04
+ HP Apache-Based Web Server 2.0.43 .00
+ HP Webmin-Based Admin 1.0 .01
+ Immunix Immunix OS 7+
+ NetBSD NetBSD 1.6
+ OpenPKG OpenPKG 1.1
OpenSSL Project OpenSSL 0.9.6 f
OpenSSL Project OpenSSL 0.9.6 e
+ FreeBSD FreeBSD 4.6 -RELEASE
+ FreeBSD FreeBSD 4.6
OpenSSL Project OpenSSL 0.9.6 d
+ Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 c
+ Conectiva Linux 8.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
OpenSSL Project OpenSSL 0.9.6 b
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ OpenBSD OpenBSD 3.1
+ OpenBSD OpenBSD 3.0
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux Advanced Work Station 2.1
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Firewall on CD
+ S.u.S.E. Office Server
+ S.u.S.E. SuSE eMail Server III
+ Sun Linux 5.0.7
+ Sun Linux 5.0.6
+ Sun Linux 5.0.5
+ Sun Linux 5.0.3
+ Sun Linux 5.0
+ SuSE SUSE Linux Enterprise Server 7
OpenSSL Project OpenSSL 0.9.6 a
+ Conectiva Linux 7.0
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
OpenSSL Project OpenSSL 0.9.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 6.0
+ EnGarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ NetBSD NetBSD 1.6 beta
+ NetBSD NetBSD 1.6
+ NetBSD NetBSD 1.5.3
+ NetBSD NetBSD 1.5.2
+ NetBSD NetBSD 1.5.1
+ NetBSD NetBSD 1.5
+ OpenBSD OpenBSD 2.9
+ OpenPKG OpenPKG 1.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 sparc
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
OpenSSL Project OpenSSL 0.9.5 a
+ Debian Linux 3.0
+ HP Secure OS software for Linux 1.0
+ Immunix Immunix OS 7.0
+ Immunix Immunix OS 6.2
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ OpenBSD OpenBSD 2.8
+ OpenBSD OpenBSD 2.7
+ Red Hat Linux 6.2
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
OpenSSL Project OpenSSL 0.9.5
+ RedHat Linux 6.2 sparc
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 alpha
OpenSSL Project OpenSSL 0.9.4
+ Debian Linux 3.0
+ OpenBSD OpenBSD 2.6
OpenSSL Project OpenSSL 0.9.3
OpenSSL Project OpenSSL 0.9.2 b
OpenSSL Project OpenSSL 0.9.1 c
AES AES (Rijndael)

- 漏洞讨论

High-speed implementations of AES are prone to a timing attack vulnerability. The attack is based on observations of time taken to complete certain critical AES cryptographic functions (Input dependant Table lookups).

An attacker may theoretically exploit this issue to retrieve an entire AES secret key from a target vulnerable AES implementation.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站