SA23 : OpenSSL RSA Key Reconstruction Vulnerability (CVE-2007-3108, VU#724968)

1135

03 March 2020

27 September 2007

CLOSED

MEDIUM

SUMMARY

Some Blue Coat Systems products use OpenSSL implementations of the RSA algorithm that may contain a vulnerability that could allow a local attacker to retrieve encryption keys. OpenSSL is a widely used open source implementation of the SSL and TLS protocols.

AFFECTED PRODUCTS

Any Proxy SG that contains an SSL accelerator hardware card is not vulnerable.

REFERENCES

https://www.kb.cert.org/vuls/id/724968