Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Botan 安全漏洞
Vulnerability Description
Botan是一款使用C++编写的加密算法库,它支持AES、DES、SHA-1、RSA、DSA和Diffie-Hellman等多种算法。 Botan 2.5.0版本至2.6.0版本中存在安全漏洞。攻击者可通过访问本地设备或同一物理主机上的不同虚拟机利用该漏洞获取ECDSA密钥。
CVSS Information
N/A
Vulnerability Type
N/A