02 Mar 2016
Vulnerability Details :
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
Publish Date : 2016-03-03 Last Update Date : 2016-03-07
- CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.
- Products Affected By CVE-2016-0702
- Number Of Affected Versions By Product
- References For CVE-2016-0702
- Metasploit Modules Related To CVE-2016-0702
There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)