Family: Slackware Local Security Checks --> Category: infos
SSA-2003-141-05 mod_ssl RSA blinding fixes Vulnerability Scan
Vulnerability Scan Summary
SSA-2003-141-05 mod_ssl RSA blinding fixes
Detailed Explanation for this Vulnerability Test
An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the secret key
to a possible hacker. Note that this problem was already fixed within
OpenSSL, so this is a "double fix". With this package, mod_ssl
is secured even if OpenSSL is not.
We recommend sites using mod_ssl upgrade to this new package.
Click HERE for more information and discussions on this network vulnerability scan.