Hewlett-Packard Company Information for VU#888801

SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension

Status

Affected

Vendor Statement

SOURCE: Hewlett-Packard Company HP Services Software Security Response Team
x-ref: SSRT3518, SSRT3499

At the time of writing this document, Hewlett Packard is currently investigating the potential impact to HP's released Operating System software products.

As further information becomes available HP will provide notice of the availability of any necessary patches through standard security bulletin announcements and be available from your normal HP Services support channel.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see HPSBUX0304-0255/SSRT3499.

If you have feedback, comments, or additional information about this vulnerability, please send us email.