Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2006-2940
Description:OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
Test IDs: 1.3.6.1.4.1.25623.1.0.57500   1.3.6.1.4.1.25623.1.0.59380   1.3.6.1.4.1.25623.1.0.57511   1.3.6.1.4.1.25623.1.0.57481   1.3.6.1.4.1.25623.1.0.57478   1.3.6.1.4.1.25623.1.0.65349   1.3.6.1.4.1.25623.1.0.58053  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2006-2940
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
BugTraq ID: 20247
http://www.securityfocus.com/bid/20247
BugTraq ID: 22083
http://www.securityfocus.com/bid/22083
BugTraq ID: 28276
http://www.securityfocus.com/bid/28276
Bugtraq: 20060928 rPSA-2006-0175-1 openssl openssl-scripts (Google Search)
http://www.securityfocus.com/archive/1/447318/100/0/threaded
Bugtraq: 20060929 rPSA-2006-0175-2 openssl openssl-scripts (Google Search)
http://www.securityfocus.com/archive/1/447393/100/0/threaded
Bugtraq: 20070110 VMware ESX server security updates (Google Search)
http://www.securityfocus.com/archive/1/456546/100/200/threaded
Bugtraq: 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues (Google Search)
http://www.securityfocus.com/archive/1/489739/100/0/threaded
Cert/CC Advisory: TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL Library
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL library
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
Debian Security Information: DSA-1185 (Google Search)
http://www.debian.org/security/2006/dsa-1185
Debian Security Information: DSA-1195 (Google Search)
http://www.debian.org/security/2006/dsa-1195
FreeBSD Security Advisory: FreeBSD-SA-06:23.openssl
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
http://security.gentoo.org/glsa/glsa-200610-11.xml
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
HPdes Security Advisory: HPSBMA02250
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: HPSBTU02207
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
HPdes Security Advisory: HPSBUX02174
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
HPdes Security Advisory: HPSBUX02186
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
HPdes Security Advisory: SSRT061213
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
HPdes Security Advisory: SSRT061239
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
HPdes Security Advisory: SSRT061275
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
HPdes Security Advisory: SSRT071299
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
HPdes Security Advisory: SSRT071304
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
HPdes Security Advisory: SSRT090208
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
http://marc.info/?l=bind-announce&m=116253119512445&w=2
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
NETBSD Security Advisory: NetBSD-SA2008-007
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
OpenBSD Security Advisory: [3.9] 20061007 013: SECURITY FIX: October 7, 2006
http://openbsd.org/errata.html#openssl2
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
http://www.osvdb.org/29261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311
RedHat Security Advisories: RHSA-2006:0695
http://www.redhat.com/support/errata/RHSA-2006-0695.html
RedHat Security Advisories: RHSA-2008:0629
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://securitytracker.com/id?1016943
http://securitytracker.com/id?1017522
http://secunia.com/advisories/22094
http://secunia.com/advisories/22116
http://secunia.com/advisories/22130
http://secunia.com/advisories/22165
http://secunia.com/advisories/22166
http://secunia.com/advisories/22172
http://secunia.com/advisories/22186
http://secunia.com/advisories/22193
http://secunia.com/advisories/22207
http://secunia.com/advisories/22212
http://secunia.com/advisories/22216
http://secunia.com/advisories/22220
http://secunia.com/advisories/22240
http://secunia.com/advisories/22259
http://secunia.com/advisories/22260
http://secunia.com/advisories/22284
http://secunia.com/advisories/22298
http://secunia.com/advisories/22330
http://secunia.com/advisories/22385
http://secunia.com/advisories/22460
http://secunia.com/advisories/22487
http://secunia.com/advisories/22500
http://secunia.com/advisories/22544
http://secunia.com/advisories/22626
http://secunia.com/advisories/22671
http://secunia.com/advisories/22758
http://secunia.com/advisories/22772
http://secunia.com/advisories/22799
http://secunia.com/advisories/23038
http://secunia.com/advisories/23155
http://secunia.com/advisories/23280
http://secunia.com/advisories/23309
http://secunia.com/advisories/23340
http://secunia.com/advisories/23351
http://secunia.com/advisories/23680
http://secunia.com/advisories/23794
http://secunia.com/advisories/23915
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://secunia.com/advisories/25889
http://secunia.com/advisories/26329
http://secunia.com/advisories/26893
http://secunia.com/advisories/30124
http://secunia.com/advisories/31492
http://secunia.com/advisories/31531
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
SuSE Security Announcement: SUSE-SA:2006:058 (Google Search)
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
SuSE Security Announcement: SUSE-SR:2006:024 (Google Search)
http://www.novell.com/linux/security/advisories/2006_24_sr.html
http://www.trustix.org/errata/2006/0054
http://www.ubuntu.com/usn/usn-353-1
http://www.ubuntu.com/usn/usn-353-2
http://www.vupen.com/english/advisories/2006/3820
http://www.vupen.com/english/advisories/2006/3860
http://www.vupen.com/english/advisories/2006/3869
http://www.vupen.com/english/advisories/2006/3902
http://www.vupen.com/english/advisories/2006/3936
http://www.vupen.com/english/advisories/2006/4019
http://www.vupen.com/english/advisories/2006/4036
http://www.vupen.com/english/advisories/2006/4264
http://www.vupen.com/english/advisories/2006/4327
http://www.vupen.com/english/advisories/2006/4329
http://www.vupen.com/english/advisories/2006/4401
http://www.vupen.com/english/advisories/2006/4417
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2006/4980
http://www.vupen.com/english/advisories/2007/0343
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/2315
http://www.vupen.com/english/advisories/2007/2783
http://www.vupen.com/english/advisories/2008/0905/references
http://www.vupen.com/english/advisories/2008/2396
XForce ISS Database: openssl-publickey-dos(29230)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230




© 1998-2024 E-Soft Inc. All rights reserved.