Description

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Remediation

References

CVE-2005-1797

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2242)

PostgreSQL Other Vulnerability (CVE-2005-0246)

WordPress Plugin Download Plugin Unspecified Vulnerability (1.6.1)

WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Unspecified Vulnerability (2.0.27)

Lighttpd Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2323)

Severity

Medium

Classification

CVE-2005-1797

Tags

Missing Update Known Vulnerabilities