Description

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Remediation

References

CVE-2005-1797

Related Vulnerabilities

WordPress Plugin Responsive Menu-Create Mobile-Friendly Menu Multiple Vulnerabilities (3.1.3)

WordPress Plugin Double Opt-In for Download Multiple Cross-Site Scripting Vulnerabilities (2.1.5)

Microsoft SQL Server Other Vulnerability (CVE-2000-1088)

OpenSSL Resource Management Errors Vulnerability (CVE-2011-4619)

Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)

Severity

Medium

Classification

CVE-2005-1797

Tags

Missing Update Known Vulnerabilities