Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2006-4339
Description:OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2006-4339
BugTraq ID: 19849
BugTraq ID: 22083
BugTraq ID: 28276
Bugtraq: 20060905 rPSA-2006-0163-1 openssl openssl-scripts (Google Search)
Bugtraq: 20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery (Google Search)
Bugtraq: 20070110 VMware ESX server security updates (Google Search)
Bugtraq: 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues (Google Search)
Cert/CC Advisory: TA06-333A
CERT/CC vulnerability note: VU#845620
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL Library
Cisco Security Advisory: 20061108 Multiple Vulnerabilities in OpenSSL library
Debian Security Information: DSA-1173 (Google Search)
Debian Security Information: DSA-1174 (Google Search)
FreeBSD Security Advisory: FreeBSD-SA-06:19
HPdes Security Advisory: HPSBMA02250
HPdes Security Advisory: HPSBOV02683
HPdes Security Advisory: HPSBTU02207
HPdes Security Advisory: HPSBUX02153
HPdes Security Advisory: HPSBUX02165
HPdes Security Advisory: HPSBUX02186
HPdes Security Advisory: HPSBUX02219
HPdes Security Advisory: SSRT061181
HPdes Security Advisory: SSRT061213
HPdes Security Advisory: SSRT061239
HPdes Security Advisory: SSRT061266
HPdes Security Advisory: SSRT061273
HPdes Security Advisory: SSRT061275
HPdes Security Advisory: SSRT071299
HPdes Security Advisory: SSRT071304
HPdes Security Advisory: SSRT090208
OpenBSD Security Advisory: [3.9] 20060908 011: SECURITY FIX: September 8, 2006
RedHat Security Advisories: RHSA-2006:0661
RedHat Security Advisories: RHSA-2007:0062
RedHat Security Advisories: RHSA-2007:0072
RedHat Security Advisories: RHSA-2007:0073
RedHat Security Advisories: RHSA-2008:0629
SGI Security Advisory: 20060901-01-P
SuSE Security Announcement: SUSE-SA:2006:055 (Google Search)
SuSE Security Announcement: SUSE-SA:2006:061 (Google Search)
SuSE Security Announcement: SUSE-SA:2007:010 (Google Search)
SuSE Security Announcement: SUSE-SR:2006:026 (Google Search)
XForce ISS Database: openssl-rsa-security-bypass(28755)

© 1998-2021 E-Soft Inc. All rights reserved.