Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2011-4354

crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v2 Score 5.8
References
Products affected by CVE-2011-4354
  • Openssl » Openssl » Version: Any
    cpe:2.3:a:openssl:openssl:*
  • Openssl » Openssl » Version: 0.9.1c
    cpe:2.3:a:openssl:openssl:0.9.1c
  • Openssl » Openssl » Version: 0.9.2b
    cpe:2.3:a:openssl:openssl:0.9.2b
  • Openssl » Openssl » Version: 0.9.3
    cpe:2.3:a:openssl:openssl:0.9.3
  • Openssl » Openssl » Version: 0.9.3a
    cpe:2.3:a:openssl:openssl:0.9.3a
  • Openssl » Openssl » Version: 0.9.4
    cpe:2.3:a:openssl:openssl:0.9.4
  • Openssl » Openssl » Version: 0.9.5
    cpe:2.3:a:openssl:openssl:0.9.5
  • Openssl » Openssl » Version: 0.9.5a
    cpe:2.3:a:openssl:openssl:0.9.5a
  • Openssl » Openssl » Version: 0.9.6
    cpe:2.3:a:openssl:openssl:0.9.6
  • Openssl » Openssl » Version: 0.9.6a
    cpe:2.3:a:openssl:openssl:0.9.6a
  • Openssl » Openssl » Version: 0.9.6b
    cpe:2.3:a:openssl:openssl:0.9.6b
  • Openssl » Openssl » Version: 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • Openssl » Openssl » Version: 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • Openssl » Openssl » Version: 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • Openssl » Openssl » Version: 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • Openssl » Openssl » Version: 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • Openssl » Openssl » Version: 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • Openssl » Openssl » Version: 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • Openssl » Openssl » Version: 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • Openssl » Openssl » Version: 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • Openssl » Openssl » Version: 0.9.6l
    cpe:2.3:a:openssl:openssl:0.9.6l
  • Openssl » Openssl » Version: 0.9.6m
    cpe:2.3:a:openssl:openssl:0.9.6m
  • Openssl » Openssl » Version: 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • Openssl » Openssl » Version: 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • Openssl » Openssl » Version: 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • Openssl » Openssl » Version: 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • Openssl » Openssl » Version: 0.9.7d
    cpe:2.3:a:openssl:openssl:0.9.7d
  • Openssl » Openssl » Version: 0.9.7e
    cpe:2.3:a:openssl:openssl:0.9.7e
  • Openssl » Openssl » Version: 0.9.7f
    cpe:2.3:a:openssl:openssl:0.9.7f
  • Openssl » Openssl » Version: 0.9.7g
    cpe:2.3:a:openssl:openssl:0.9.7g
  • Openssl » Openssl » Version: 0.9.7h
    cpe:2.3:a:openssl:openssl:0.9.7h
  • Openssl » Openssl » Version: 0.9.7i
    cpe:2.3:a:openssl:openssl:0.9.7i
  • Openssl » Openssl » Version: 0.9.7j
    cpe:2.3:a:openssl:openssl:0.9.7j
  • Openssl » Openssl » Version: 0.9.7k
    cpe:2.3:a:openssl:openssl:0.9.7k
  • Openssl » Openssl » Version: 0.9.7l
    cpe:2.3:a:openssl:openssl:0.9.7l
  • Openssl » Openssl » Version: 0.9.7m
    cpe:2.3:a:openssl:openssl:0.9.7m
  • Openssl » Openssl » Version: 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • Openssl » Openssl » Version: 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • Openssl » Openssl » Version: 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
  • Openssl » Openssl » Version: 0.9.8c
    cpe:2.3:a:openssl:openssl:0.9.8c
  • Openssl » Openssl » Version: 0.9.8d
    cpe:2.3:a:openssl:openssl:0.9.8d
  • Openssl » Openssl » Version: 0.9.8e
    cpe:2.3:a:openssl:openssl:0.9.8e
  • Openssl » Openssl » Version: 0.9.8f
    cpe:2.3:a:openssl:openssl:0.9.8f


Products
Pricing
Contact Us

Shodan ® - All rights reserved