{"id":"DEBIAN-CVE-2003-0131","details":"The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\"","modified":"2025-11-19T01:06:24.535666Z","published":"2003-03-24T05:00:00Z","upstream":["CVE-2003-0131"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2003-0131"}],"affected":[{"package":{"name":"openssl","ecosystem":"Debian:11","purl":"pkg:deb/debian/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.7b-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2003-0131.json"}},{"package":{"name":"openssl","ecosystem":"Debian:12","purl":"pkg:deb/debian/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.7b-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2003-0131.json"}},{"package":{"name":"openssl","ecosystem":"Debian:13","purl":"pkg:deb/debian/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.7b-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2003-0131.json"}},{"package":{"name":"openssl","ecosystem":"Debian:14","purl":"pkg:deb/debian/openssl?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.7b-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2003-0131.json"}}],"schema_version":"1.7.3"}