English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-29
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 25 Sep 2006
 Last revised: 25 Sep 2006

 Package: openssl

 Summary: Multiple RSA implementations fail

 More information:
    The OpenSSL Project is a collaborative effort to develop a robust,
    commercial-grade, full-featured Open Source toolkit implementing the
    Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
    protocols as well as a full-strength general purpose cryptography library.

    Multiple RSA implementations fail to properly handle RSA signatures.

 Impact:
    This vulnerability may allow an attacker to forge RSA signatures.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server
    - Turbolinux 7 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   openssl-0.9.7d-8.src.rpm
      2894646 11123268b7bf28d0267beb093c4622a0
   openssl-compat-0.9.6m-9.src.rpm
      2274196 e5df0088529c7e785b8e32e18bd43d3a

   Binary Packages
   Size: MD5

   openssl-0.9.7d-8.i586.rpm
      1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4
   openssl-compat-0.9.6m-9.i586.rpm
       755984 d86bc1be35ec566c4667e489c3480a58
   openssl-devel-0.9.7d-8.i586.rpm
      1481081 8a44952185f35bc408bb8176c0efba32

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   openssl-0.9.8-7.src.rpm
      3344248 e8c8039409b9b3853420d9e8e8970ad8
   openssl-compat-0.9.7d-8.src.rpm
      2894595 44dcb312de9c81c7dd076ded48513124
   openssl096-0.9.6m-2.src.rpm
      2274791 ccadbcc487b1e1e3f1e0c306b6467b8a

   Binary Packages
   Size: MD5

   openssl-0.9.8-7.i686.rpm
      1738385 1ff4c80d9ab1cb3fbf690d409065409d
   openssl-compat-0.9.7d-8.i686.rpm
      1056442 2f6453479436ec349863c73e261b43f3
   openssl-devel-0.9.8-7.i686.rpm
      1924275 5e5033a8f064b81396b5b95a1deae1fe
   openssl096-0.9.6m-2.i686.rpm
       881205 ea34856977c7aac8e72e665d6fe1991d

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssl-0.9.7d-8.src.rpm
      2894646 9977e9026a24df1d7dab08995d0e4ab9
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/openssl-compat-0.9.6m-9.src.rpm
      2274196 3b059d176d044a21daa33649d64b2faa

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-0.9.7d-8.x86_64.rpm
      1410739 2599c207d81e0820581cc13f4f449543
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-compat-0.9.6m-9.x86_64.rpm
       850020 8960bebf8a95ad5f12ca4add2d851c72
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/openssl-devel-0.9.7d-8.x86_64.rpm
      1546788 5b85cb78c3a5d3219bda53d5d8b6fd99

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 e13928ca96553bf0ec1b6bc1e919ae3d

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1445180 619f2009b189e01954d97b0ab1450b4c
   openssl-devel-0.9.6m-6.i586.rpm
      1159098 50467d8488a84cc576730bb6c627ee85

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   openssl-0.9.6m-6.src.rpm
      2363174 aa0ad99a5de2b21fdc21281d0eff6c2a

   Binary Packages
   Size: MD5

   openssl-0.9.6m-6.i586.rpm
      1445379 ed3cd7b0c4dda4514dfaf9f6d16b0347
   openssl-devel-0.9.6m-6.i586.rpm
      1158782 fdfd39d96734d73449d66e007af7607e

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssl-0.9.7d-8.src.rpm
      2894646 11123268b7bf28d0267beb093c4622a0
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/openssl-compat-0.9.6m-9.src.rpm
      2274196 e5df0088529c7e785b8e32e18bd43d3a

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-0.9.7d-8.i586.rpm
      1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-compat-0.9.6m-9.i586.rpm
       755984 d86bc1be35ec566c4667e489c3480a58
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/openssl-devel-0.9.7d-8.i586.rpm
      1481081 8a44952185f35bc408bb8176c0efba32

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/openssl-0.9.7d-8.src.rpm
      2894646 bf78baf4dee5b9a5d232b0b3ccd57941
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/openssl-compat-0.9.6m-9.src.rpm
      2274196 10694fc13657f481fec2ce099b514ce6

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-0.9.7d-8.i586.rpm
      1303637 e383f61f085d1b81b9b3691cf9aa499b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-compat-0.9.6m-9.i586.rpm
       755256 3cf38a9800394c4d153a59ded67c2c63
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/openssl-devel-0.9.7d-8.i586.rpm
      1482484 2862f7f47b8b206217e849f5b946ebd6

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/openssl-0.9.6m-6.src.rpm
      2363174 459499a18120e7c4a9cf51c6c78dac20

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssl-0.9.6m-6.i586.rpm
      1445757 ce5da0ddb59dc595de18dad28913051c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/openssl-devel-0.9.6m-6.i586.rpm
      1158634 10f274c39c9d777a5d3df09b6eb0bca2

 <Turbolinux 7 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/openssl-0.9.6m-6.src.rpm
      2363174 186038bfea197edc748ccc802d020799

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssl-0.9.6m-6.i586.rpm
      1413429 8da5eefc42d19ce95490526c9e4c4a05
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/openssl-devel-0.9.6m-6.i586.rpm
      1140635 8913133f83d220904965e9de98f0a73f


 CVE
   [CVE-2006-4339]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339

 --------------------------------------------------------------------------
 Revision History
    25 Sep 2006 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFFF9oiK0LzjOqIJMwRAnbtAJ9u4lwUjH4bG1pkQaSq8kSHK/WwaACfVpD6
Za+0ojUvBbPQN/gs3umZL1c=
=3uvk
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.