ID CVE-2006-4339
Summary OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
References
Vulnerable Configurations
  • OpenSSL Project OpenSSL 0.9.1c
    cpe:2.3:a:openssl:openssl:0.9.1c
  • OpenSSL Project OpenSSL 0.9.2b
    cpe:2.3:a:openssl:openssl:0.9.2b
  • OpenSSL Project OpenSSL 0.9.3
    cpe:2.3:a:openssl:openssl:0.9.3
  • OpenSSL Project OpenSSL 0.9.3a
    cpe:2.3:a:openssl:openssl:0.9.3a
  • OpenSSL Project OpenSSL 0.9.4
    cpe:2.3:a:openssl:openssl:0.9.4
  • OpenSSL Project OpenSSL 0.9.5
    cpe:2.3:a:openssl:openssl:0.9.5
  • OpenSSL Project OpenSSL 0.9.5 Beta1
    cpe:2.3:a:openssl:openssl:0.9.5:beta1
  • OpenSSL Project OpenSSL 0.9.5 Beta2
    cpe:2.3:a:openssl:openssl:0.9.5:beta2
  • OpenSSL Project OpenSSL 0.9.5a
    cpe:2.3:a:openssl:openssl:0.9.5a
  • OpenSSL Project OpenSSL 0.9.5a Beta1
    cpe:2.3:a:openssl:openssl:0.9.5a:beta1
  • OpenSSL Project OpenSSL 0.9.5a Beta2
    cpe:2.3:a:openssl:openssl:0.9.5a:beta2
  • OpenSSL Project OpenSSL 0.9.6
    cpe:2.3:a:openssl:openssl:0.9.6
  • OpenSSL Project OpenSSL 0.9.6 Beta1
    cpe:2.3:a:openssl:openssl:0.9.6:beta1
  • OpenSSL Project OpenSSL 0.9.6 Beta2
    cpe:2.3:a:openssl:openssl:0.9.6:beta2
  • OpenSSL Project OpenSSL 0.9.6 Beta3
    cpe:2.3:a:openssl:openssl:0.9.6:beta3
  • OpenSSL Project OpenSSL 0.9.6a
    cpe:2.3:a:openssl:openssl:0.9.6a
  • OpenSSL Project OpenSSL 0.9.6a Beta1
    cpe:2.3:a:openssl:openssl:0.9.6a:beta1
  • OpenSSL Project OpenSSL 0.9.6a Beta2
    cpe:2.3:a:openssl:openssl:0.9.6a:beta2
  • OpenSSL Project OpenSSL 0.9.6a Beta3
    cpe:2.3:a:openssl:openssl:0.9.6a:beta3
  • OpenSSL Project OpenSSL 0.9.6b
    cpe:2.3:a:openssl:openssl:0.9.6b
  • OpenSSL Project OpenSSL 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • OpenSSL Project OpenSSL 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • OpenSSL Project OpenSSL 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • OpenSSL Project OpenSSL 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • OpenSSL Project OpenSSL 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • OpenSSL Project OpenSSL 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • OpenSSL Project OpenSSL 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • OpenSSL Project OpenSSL 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • OpenSSL Project OpenSSL 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • OpenSSL Project OpenSSL 0.9.6l
    cpe:2.3:a:openssl:openssl:0.9.6l
  • OpenSSL Project OpenSSL 0.9.6m
    cpe:2.3:a:openssl:openssl:0.9.6m
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • OpenSSL Project OpenSSL 0.9.7d
    cpe:2.3:a:openssl:openssl:0.9.7d
  • OpenSSL Project OpenSSL 0.9.7e
    cpe:2.3:a:openssl:openssl:0.9.7e
  • OpenSSL Project OpenSSL 0.9.7f
    cpe:2.3:a:openssl:openssl:0.9.7f
  • OpenSSL Project OpenSSL 0.9.7g
    cpe:2.3:a:openssl:openssl:0.9.7g
  • OpenSSL Project OpenSSL 0.9.7h
    cpe:2.3:a:openssl:openssl:0.9.7h
  • OpenSSL Project OpenSSL 0.9.7i
    cpe:2.3:a:openssl:openssl:0.9.7i
  • OpenSSL Project OpenSSL 0.9.7j
    cpe:2.3:a:openssl:openssl:0.9.7j
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • OpenSSL Project OpenSSL 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • OpenSSL Project OpenSSL 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
CVSS
Base: 4.3 (as of 05-09-2006 - 13:17)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_113451.NASL
    description SunOS 5.9: IKE patch. Date this patch was last updated by Sun : Aug/09/10
    last seen 2016-09-26
    modified 2012-06-14
    plugin id 13538
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13538
    title Solaris 9 (sparc) : 113451-17
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_118371.NASL
    description SunOS 5.10: elfsign patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-02
    modified 2018-08-13
    plugin id 20332
    published 2005-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20332
    title Solaris 10 (sparc) : 118371-10
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_118372.NASL
    description SunOS 5.10_x86: elfsign patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20333
    published 2005-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20333
    title Solaris 10 (x86) : 118372-10
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_114435.NASL
    description SunOS 5.9_x86: IKE patch. Date this patch was last updated by Sun : Aug/09/10
    last seen 2016-09-26
    modified 2012-06-14
    plugin id 13602
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13602
    title Solaris 9 (x86) : 114435-16
  • NASL family Windows
    NASL id OPENOFFICE_32.NASL
    description The version of Sun Microsystems OpenOffice.org installed on the remote host is prior to version 3.2. It is, therefore, affected by several issues : - Signatures may not be handled properly due to a vulnerability in the libxml2 library. (CVE-2006-4339) - There is an HMAC truncation authentication bypass vulnerability in the libxmlsec library. (CVE-2009-0217) - The application is bundled with a vulnerable version of the Microsoft VC++ runtime. (CVE-2009-2493) - Specially crafted XPM files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2949) - Specially crafted GIF files are not processed properly, which could lead to arbitrary code execution. (CVE-2009-2950) - Specially crafted Microsoft Word documents are not processed properly, which could lead to arbitrary code execution. (CVE-2009-3301 / CVE-2009-3302)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 44597
    published 2010-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44597
    title Sun OpenOffice.org < 3.2 Multiple Vulnerabilities
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35920.NASL
    description s700_800 11.23 Bind 9.2.0 components : Potential vulnerabilities have been identified with HP-UX running BIND. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). References: CVE-2006-4339, CVE-2007-0493 (BIND v9.3.2 only), CVE-2007-0494.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26138
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26138
    title HP-UX PHNE_35920 : HP-UX Running BIND, Remote Denial of Service (DoS) (HPSBUX02219 SSRT061273 rev.1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0525.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib was discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types can take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43838
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43838
    title RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-207.NASL
    description The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem (CVE-2006-4339). BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to be generated using the '-e' option of dnssec-keygen, if the current keys were generated using the default exponent of 3. You are able to determine if your keys are vulnerable by looking at the algorithm (1 or 5) and the first three characters of the Base64 encoded RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with 'AQM', 'AQN', 'AQO', or 'AQP' are vulnerable.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 24592
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24592
    title Mandrake Linux Security Advisory : bind (MDKSA-2006:207)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-36.NASL
    description NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/11/17
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107816
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107816
    title Solaris 10 (x86) : 119214-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-36.NASL
    description NSS_NSPR_JSS 3.30.2: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/09/17
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107313
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107313
    title Solaris 10 (sparc) : 119213-36
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-339-1.NASL
    description Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27918
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27918
    title Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerability (USN-339-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-19.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using OpenOffice, possibly resulting in execution of arbitrary code with the privileges of the process, a Denial of Service condition, execution of arbitrary Python code, authentication bypass, or reading and writing of arbitrary files. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77467
    published 2014-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77467
    title GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities
  • NASL family Windows
    NASL id VMWARE_MULTIPLE_VMSA_2008_0005.NASL
    description VMware products installed on the remote host are affected by multiple vulnerabilities : - The 'authd' process is affected by a privilege escalation vulnerability that could allow an attacker to execute arbitrary code with system level privileges or cause a denial of service condition. - A feature in VMware workstation version 6.0.2 could allow anonymous console access to guest host via VIX API, which could result in unauthorized access. This feature has been disabled in version 6.0.3. - Windows based VMware hosts are affected by a privilege escalation vulnerability. By manipulating 'config.ini' an attacker may be able to gain elevated privileges by hijacking the VMware VMX process. - Multiple VMware products are affected by a directory traversal vulnerability. If a Windows based VMware host is configured to allow shared access from a guest host to a folder on the Host system (HGFS), it may be possible to gain access to the Host file system from guest OS and create/modify arbitrary executable files. VMware Server is not affected by this vulnerability. - Multiple VMware products hosted on a Windows 2000 host are affected by a privilege escalation vulnerability. - Multiple VMware products are vulnerable to a potential denial of service attack.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 31729
    published 2008-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31729
    title VMware Products Multiple Vulnerabilities (VMSA-2008-0005)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_116649-25.NASL
    description Web Server 6.1: Sun ONE Web Server 6.1_x86 Patch WS61SP13. Date this patch was last updated by Sun : Sep/20/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107796
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107796
    title Solaris 10 (x86) : 116649-25
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_116648.NASL
    description Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13. Date this patch was last updated by Sun : Sep/20/10
    last seen 2018-09-01
    modified 2016-12-12
    plugin id 23519
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23519
    title Solaris 9 (sparc) : 116648-25
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_116648.NASL
    description Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13. Date this patch was last updated by Sun : Sep/20/10
    last seen 2018-09-01
    modified 2016-12-12
    plugin id 23381
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23381
    title Solaris 8 (sparc) : 116648-25
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1174.NASL
    description Daniel Bleichenbacher discovered a flaw in the OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22716
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22716
    title Debian DSA-1174-1 : openssl096 - cryptographic weakness
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200610-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200610-06 (Mozilla Network Security Service (NSS): RSA signature forgery) Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This affects a number of RSA signature implementations, including Mozilla's NSS. Impact : Since several Certificate Authorities (CAs) are using an exponent of 3 it might be possible for an attacker to create a key with a false CA signature. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and SeaMonkey. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 22892
    published 2006-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22892
    title GLSA-200610-06 : Mozilla Network Security Service (NSS): RSA signature forgery
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_C97D7A37223311DF96DD001B2134EF46.NASL
    description OpenOffice.org Security Team reports : Fixed in OpenOffice.org 3.2 CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime CVE-2009-2949: Potential vulnerability related to XPM file processing CVE-2009-2950: Potential vulnerability related to GIF file processing CVE-2009-3301/2: Potential vulnerability related to MS-Word document processing
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44922
    published 2010-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44922
    title FreeBSD : openoffice.org -- multiple vulnerabilities (c97d7a37-2233-11df-96dd-001b2134ef46)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-161.NASL
    description Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures where an RSA key with a small exponent used could be vulnerable to forgery of a PKCS #1 v1.5 signature signed by that key. Any software using OpenSSL to verify X.509 certificates is potentially vulnerable to this issue, as well as any other use of PKCS #1 v1.5, including software uses OpenSSL for SSL or TLS. Updated packages are patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 23905
    published 2006-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23905
    title Mandrake Linux Security Advisory : openssl (MDKSA-2006:161)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_119209.NASL
    description NSS_NSPR_JSS 3.30.2: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/11/17
    last seen 2018-09-01
    modified 2017-11-13
    plugin id 23414
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23414
    title Solaris 8 (sparc) : 119209-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_119212.NASL
    description NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/09/17
    last seen 2018-09-01
    modified 2017-11-10
    plugin id 19844
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19844
    title Solaris 9 (x86) : 119212-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_119211.NASL
    description NSS_NSPR_JSS 3.30.2: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/09/17
    last seen 2018-09-01
    modified 2017-11-10
    plugin id 19842
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19842
    title Solaris 9 (sparc) : 119211-36
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_116648-25.NASL
    description Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13. Date this patch was last updated by Sun : Sep/20/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107295
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107295
    title Solaris 10 (sparc) : 116648-25
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0264.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849) Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969) Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542) Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43836
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43836
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_114050.NASL
    description SunOS 5.9_x86: NSPR 4.1.6 / NSS 3.3.4.8. Date this patch was last updated by Sun : Nov/08/06
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 13589
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13589
    title Solaris 9 (x86) : 114050-14
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_116648.NASL
    description Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13. Date this patch was last updated by Sun : Sep/20/10 This plugin has been deprecated and either replaced with individual 116648 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 22946
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22946
    title Solaris 10 (sparc) : 116648-25 (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0629.NASL
    description Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the Python repr() function's handling of UTF-32/UCS-4 strings. If an application used the repr() function on untrusted data, this could lead to a denial of service or, possibly, allow the execution of arbitrary code with the privileges of the application using the flawed function. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This could, potentially, cause disclosure of data stored in the memory of an application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or, possibly, execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43839
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43839
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPERA-2181.NASL
    description This update fixes the RSA signature checking problem found in openssl in the Opera webbrowser (which is statically linked against openssl). (CVE-2006-4339) A URL tag parsing heap overflow in Opera could be used to potentially execute code. (CVE-2006-4819)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27374
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27374
    title openSUSE 10 Security Update : opera (opera-2181)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-31.NASL
    description NSS_NSPR_JSS 3.17.2_x86: NSPR 4.10.7 / NSS. Date this patch was last updated by Sun : Feb/19/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107813
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107813
    title Solaris 10 (x86) : 119214-31
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_114045.NASL
    description Security 3.3.4.8: NSPR 4.1.6 / NSS 3.3.4.8. Date this patch was last updated by Sun : Nov/08/06
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 23361
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23361
    title Solaris 8 (sparc) : 114045-14
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_114049.NASL
    description SunOS 5.9: NSPR 4.1.6 / NSS 3.3.4.8. Date this patch was last updated by Sun : Nov/07/06
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 13548
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13548
    title Solaris 9 (sparc) : 114049-14
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-32.NASL
    description NSS_NSPR_JSS 3.17.4: NSPR 4.10.7 / NSS 3.17.4 / JSS 4.3.2. Date this patch was last updated by Sun : Dec/24/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107311
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107311
    title Solaris 10 (sparc) : 119213-32
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-33.NASL
    description NSS_NSPR_JSS 3.21: NSPR 4.11 / NSS 3.21 /. Date this patch was last updated by Sun : Mar/22/16
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107312
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107312
    title Solaris 10 (sparc) : 119213-33
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-31.NASL
    description NSS_NSPR_JSS 3.17.2: NSPR 4.10.7 / NSS 3.1. Date this patch was last updated by Sun : Feb/19/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107310
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107310
    title Solaris 10 (sparc) : 119213-31
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-30.NASL
    description NSS_NSPR_JSS 3.16: NSPR 4.10.4 / NSS 3.16. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107309
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107309
    title Solaris 10 (sparc) : 119213-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-27.NASL
    description NSS_NSPR_JSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2. Date this patch was last updated by Sun : Feb/08/12
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107308
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107308
    title Solaris 10 (sparc) : 119213-27 (BEAST)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_117123.NASL
    description SunOS 5.9: wanboot and pkg utilities Patch. Date this patch was last updated by Sun : Oct/31/11
    last seen 2018-09-02
    modified 2016-12-09
    plugin id 26166
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26166
    title Solaris 9 (sparc) : 117123-10
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_077C2DCA8F9A11DBAB33000E0C2E438A.NASL
    description Problem Description When verifying a PKCS#1 v1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes. Impact OpenSSL will incorrectly report some invalid signatures as valid. When an RSA public exponent of 3 is used, or more generally when a small public exponent is used with a relatively large modulus (e.g., a public exponent of 17 with a 4096-bit modulus), an attacker can construct a signature which OpenSSL will accept as a valid PKCS#1 v1.5 signature. Workaround No workaround is available.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 23951
    published 2006-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23951
    title FreeBSD : openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) (077c2dca-8f9a-11db-ab33-000e0c2e438a)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0661.NASL
    description Updated OpenSSL packages are now available to correct a security issue. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. The Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) This errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded. Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22321
    published 2006-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22321
    title CentOS 3 / 4 : openssl (CESA-2006:0661)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-33.NASL
    description NSS_NSPR_JSS 3.21_x86: NSPR 4.11 / NSS 3.21 / JSS 4.3.2. Date this patch was last updated by Sun : Mar/22/16
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107815
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107815
    title Solaris 10 (x86) : 119214-33
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-30.NASL
    description NSS_NSPR_JSS 3.16_x86: NSPR 4.10.4 / NSS 3. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107812
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107812
    title Solaris 10 (x86) : 119214-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-32.NASL
    description NSS_NSPR_JSS 3.17.4_x86: NSPR 4.10.7 / NSS 3.17.4 / JSS 4.3.2. Date this patch was last updated by Sun : Dec/24/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107814
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107814
    title Solaris 10 (x86) : 119214-32
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-27.NASL
    description NSS_NSPR_JSS 3.13.1_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2. Date this patch was last updated by Sun : Feb/08/12
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107811
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107811
    title Solaris 10 (x86) : 119214-27 (BEAST)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_122715.NASL
    description SunOS 5.9_x86: wanboot and pkg utilities Patch. Date this patch was last updated by Sun : Oct/31/11
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 27031
    published 2007-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27031
    title Solaris 9 (x86) : 122715-03
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL6623.NASL
    description The remote BIG-IP device is missing a patch required by a security advisory.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78210
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78210
    title F5 Networks BIG-IP : OpenSSL signature vulnerability (SOL6623)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-38.NASL
    description NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2. Date this patch was last updated by Sun : May/16/18
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 109882
    published 2018-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109882
    title Solaris 10 (sparc) : 119213-38
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35437.NASL
    description s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266) - Potential security vulnerabilities have been identified with Apache running on HP-UX VirtualVault. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. (HPSBUX02172 SSRT061269)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 23715
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23715
    title HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35462.NASL
    description s700_800 11.04 Virtualvault 4.6 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23720
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23720
    title HP-UX PHSS_35462 : s700_800 11.04 Virtualvault 4.6 OWS update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35436.NASL
    description s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with Apache running on HP-UX VirtualVault. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. (HPSBUX02172 SSRT061269) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 23714
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23714
    title HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35459.NASL
    description s700_800 11.04 Virtualvault 4.6 IWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23717
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23717
    title HP-UX PHSS_35459 : s700_800 11.04 Virtualvault 4.6 IWS update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35458.NASL
    description s700_800 11.04 Virtualvault 4.5 IWS Update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266) - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23716
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23716
    title HP-UX PHSS_35458 : s700_800 11.04 Virtualvault 4.5 IWS Update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35460.NASL
    description s700_800 11.04 Virtualvault 4.7 IWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23718
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23718
    title HP-UX PHSS_35460 : s700_800 11.04 Virtualvault 4.7 IWS update
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-38.NASL
    description NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2. Date this patch was last updated by Sun : May/16/18
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 109884
    published 2018-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109884
    title Solaris 10 (x86) : 119214-38
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35110.NASL
    description s700_800 11.04 Webproxy server 2.0 update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23712
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23712
    title HP-UX PHSS_35110 : s700_800 11.04 Webproxy server 2.0 update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35461.NASL
    description s700_800 11.04 Virtualvault 4.5 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23719
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23719
    title HP-UX PHSS_35461 : s700_800 11.04 Virtualvault 4.5 OWS update
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214-37.NASL
    description NSS_NSPR_JSS 3.34_x86: NSPR 4.17 / NSS 3.3. Date this patch was last updated by Sun : May/16/18
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 109912
    published 2018-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109912
    title Solaris 10 (x86) : 119214-37
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35463.NASL
    description s700_800 11.04 Virtualvault 4.7 (Apache 1.x) OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265) - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23721
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23721
    title HP-UX PHSS_35463 : s700_800 11.04 Virtualvault 4.7 (Apache 1.x) OWS update
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35111.NASL
    description s700_800 11.04 Webproxy 2.1 (Apache 1.x) update : The remote HP-UX host is affected by multiple vulnerabilities : - A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. (HPSBUX02165 SSRT061266) - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and execution of arbitrary code. (HPSBUX02164 SSRT061265)
    last seen 2019-02-21
    modified 2016-11-18
    plugin id 23713
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23713
    title HP-UX PHSS_35111 : s700_800 11.04 Webproxy 2.1 (Apache 1.x) update
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_121230-02.NASL
    description SunOS 5.10_x86: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107877
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107877
    title Solaris 10 (x86) : 121230-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_121230.NASL
    description SunOS 5.10_x86: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20275
    published 2005-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20275
    title Solaris 10 (x86) : 121230-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213-37.NASL
    description NSS_NSPR_JSS 3.34: NSPR 4.17 / NSS 3.34 /. Date this patch was last updated by Sun : May/16/18
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 109911
    published 2018-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109911
    title Solaris 10 (sparc) : 119213-37
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0073.NASL
    description java-1.5.0-ibm packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Serialization flaws were discovered in the Java Runtime Environment. An untrusted applet or application could use these flaws to elevate its privileges. (CVE-2006-6745) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of java-ibm-1.5.0 should upgrade to these packages, which contain IBM's 1.5.0 SR3 Java release which resolves these issues. Please note that the packages in this erratum are identical to those we released on January 24th 2007 in advisory RHEA-2007:0027. We have issued this security update because when we released RHEA-2007:0027 we were not aware that it contained fixes for security issues. If you have already updated to those packages you will not need to apply this update.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 63839
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63839
    title RHEL 4 : java-1.5.0-ibm (RHSA-2007:0073)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0661.NASL
    description Updated OpenSSL packages are now available to correct a security issue. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. The Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) This errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded. Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 22331
    published 2006-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22331
    title RHEL 2.1 / 3 / 4 : openssl (RHSA-2006:0661)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-178.NASL
    description Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24564
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24564
    title Mandrake Linux Security Advisory : ntp (MDKSA-2006:178)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-2082.NASL
    description This update fixes a bug in OpenSSL that allowed the forgery of some special RSA signatures. (CVE-2006-4339)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29541
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29541
    title SuSE 10 Security Update : openssl (ZYPP Patch Number 2082)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200609-05.NASL
    description The remote host is affected by the vulnerability described in GLSA-200609-05 (OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery) Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. Impact : Since several CAs are using an exponent of 3 it might be possible for an attacker to create a key with a false CA signature. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 22327
    published 2006-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22327
    title GLSA-200609-05 : OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0062.NASL
    description Updated java-1.4.2-ibm packages to correct several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR7 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A number of security issues were found : Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Serialization flaws were discovered in the Java Runtime Environment. An untrusted applet or application could use these flaws to elevate its privileges. (CVE-2006-6745) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of java-1.4.2-ibm should upgrade to these updated packages, which contain IBM's 1.4.2 SR7 Java release which resolves these issues.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 63837
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63837
    title RHEL 3 / 4 : java-1.4.2-ibm (RHSA-2007:0062)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0072.NASL
    description IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of IBMJava2 should upgrade to these updated packages, which contain IBM's 1.3.1 SR10a Java release which resolves these issues. Please note that the packages in this erratum are the same as those we released on January 24th 2007 with advisories RHBA-2007:0023 and RHEA-2007:0024. We have issued this security update as these previous advisories did not specify that they fixed critical security issues. If you have already updated to those versions of IBMJava you will not need to apply this update.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 24320
    published 2007-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24320
    title RHEL 2.1 : IBMJava2 (RHSA-2007:0072)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2006-310-01.NASL
    description New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions (these patches were already issued for Slackware). If you have not upgraded yet, get those as well to prevent a potentially exploitable security problem in named. In addition, the default RSA exponent was changed from 3 to 65537. Both of these issues are essentially the same as ones discovered in OpenSSL at the end of September 2006, only now there's protection against compiling using the wrong OpenSSL version. RSA keys using exponent 3 (which was previously BIND's default) will need to be regenerated to protect against the forging of RRSIGs.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 54867
    published 2011-05-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=54867
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 8.1 / 9.0 / 9.1 : bind (SSA:2006-310-01)
  • NASL family Web Servers
    NASL id OPENSSL_0_9_7K_0_9_8C.NASL
    description According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7k or 0.9.8c. These versions do not properly verify PKCS #1 v1.5 signatures and X509 certificates when the RSA exponent is 3.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 17756
    published 2012-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17756
    title OpenSSL < 0.9.7k / 0.9.8c PKCS Padding RSA Signature Forgery Vulnerability
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35481.NASL
    description s700_800 11.04 Virtualvault 4.7 TGP update : A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access.
    last seen 2019-02-21
    modified 2016-05-11
    plugin id 23723
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23723
    title HP-UX PHSS_35481 : HP-UX VirtualVault Remote Unauthorized Access (HPSBUX02165 SSRT061266 rev.1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_COMPAT-OPENSSL097G-2171.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4339 and CVE-2006-4343.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27187
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27187
    title openSUSE 10 Security Update : compat-openssl097g (compat-openssl097g-2171)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-2269.NASL
    description The RSA signature problem tracked by the Mitre CVE ID CVE-2006-4339 also affects the DNSSEC implementation in the BIND nameserver. This update fixes this problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27166
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27166
    title openSUSE 10 Security Update : bind (bind-2269)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2006-0661.NASL
    description Updated OpenSSL packages are now available to correct several security issues. This update has been rated as having important security impact by the Red Hat Security Response Team. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. These vulnerabilities can affect applications which use OpenSSL to parse ASN.1 data from untrusted sources, including SSL servers which enable client authentication and S/MIME applications. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Note: After installing this update, users are advised to either restart all services that use OpenSSL or restart their system. From Red Hat Security Advisory 2006:0695 : Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). Few applications make use of this vulnerable function and generally it is used only when applications are compiled for debugging. Tavis Ormandy and Will Drewry of the Google Security Team discovered a flaw in the SSLv2 client code. When a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) Dr S. N. Henson of the OpenSSL core team and Open Network Security recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk) which uncovered denial of service vulnerabilities : * Certain public key types can take disproportionate amounts of time to process, leading to a denial of service. (CVE-2006-2940) * During parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). This issue does not affect the OpenSSL version distributed in Red Hat Enterprise Linux 2.1. From Red Hat Security Advisory 2006:0661 : Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. The Google Security Team discovered that OpenSSL is vulnerable to this attack. This issue affects applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) This errata also resolves a problem where a customized ca-bundle.crt file was overwritten when the openssl package was upgraded.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67405
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67405
    title Oracle Linux 4 : openssl (ELSA-2006-0695 / ELSA-2006-0661)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHSS_35480.NASL
    description s700_800 11.04 Virtualvault 4.6 TGP update : A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access.
    last seen 2019-02-21
    modified 2016-05-11
    plugin id 23722
    published 2006-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23722
    title HP-UX PHSS_35480 : HP-UX VirtualVault Remote Unauthorized Access (HPSBUX02165 SSRT061266 rev.1)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1FE734BF4A0611DBB48D00508D6A62DF.NASL
    description Opera reports : A specially crafted digital certificate can bypass Opera's certificate signature verification. Forged certificates can contain any false information the forger chooses, and Opera will still present it as valid. Opera will not present any warning dialogs in this case, and the security status will be the highest possible (3). This defeats the protection against 'man in the middle', the attacks that SSL was designed to prevent. There is a flaw in OpenSSL's RSA signature verification that affects digital certificates using 3 as the public exponent. Some of the certificate issuers that are on Opera's list of trusted signers have root certificates with 3 as the public exponent. The forged certificate can appear to be signed by one of these.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 22428
    published 2006-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22428
    title FreeBSD : opera -- RSA Signature Forgery (1fe734bf-4a06-11db-b48d-00508d6a62df)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229-02.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 107376
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107376
    title Solaris 10 (sparc) : 121229-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119213.NASL
    description NSS_NSPR_JSS 3.30.2: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/09/17 This plugin has been deprecated and either replaced with individual 119213 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 20052
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20052
    title Solaris 10 (sparc) : 119213-36 (deprecated)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-177.NASL
    description Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some MySQL versions are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24563
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24563
    title Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119214.NASL
    description NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2. Date this patch was last updated by Sun : Nov/11/17 This plugin has been deprecated and either replaced with individual 119214 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 20055
    published 2005-10-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20055
    title Solaris 10 (x86) : 119214-36 (deprecated)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_JAVA_REL6.NASL
    description The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6. The remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user's KeyChain. To exploit these flaws, an attacker would need to lure an attacker into executing a rogue Java applet.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 29702
    published 2007-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29702
    title Mac OS X : Java for Mac OS X 10.4 Release 6
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-2268.NASL
    description The RSA signature problem tracked by the Mitre CVE ID CVE-2006-4339 also affects the DNSSEC implementation in the BIND nameserver. This update fixes this problem.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29386
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29386
    title SuSE 10 Security Update : bind (ZYPP Patch Number 2268)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1173.NASL
    description Daniel Bleichenbacher discovered a flaw in the OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22715
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22715
    title Debian DSA-1173-1 : openssl - cryptographic weakness
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_121229.NASL
    description SunOS 5.10: libssl patch. Date this patch was last updated by Sun : Apr/23/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20272
    published 2005-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20272
    title Solaris 10 (sparc) : 121229-02
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2006-257-02.NASL
    description New openssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a signature forgery security issue.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 22348
    published 2006-09-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22348
    title Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : openssl (SSA:2006-257-02)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-2069.NASL
    description This update fixes a bug in OpenSSL that allowed the forgery of some special RSA signatures. (CVE-2006-4339)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27367
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27367
    title openSUSE 10 Security Update : openssl (openssl-2069)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_COMPAT-OPENSSL097G-2163.NASL
    description A buffer overflow condition within the SSL_get_shared_ciphers() function and a DoS condition known as 'parasitic public keys' have been fixed. The later problem allowed attackers to trick the OpenSSL engine to spend an extraordinary amount of time to process public keys. The following CAN numbers have been assigned: CVE-2006-2937 / CVE-2006-2940 / CVE-2006-3738 / CVE-2006-4339 / CVE-2006-4343.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 29405
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29405
    title SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 2163)
oval via4
accepted 2010-09-06T04:11:01.787-04:00
class vulnerability
contributors
name Aharon Chernin
organization SCAP.com, LLC
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
description OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
family unix
id oval:org.mitre.oval:def:11656
status accepted
submitted 2010-07-09T03:56:16-04:00
title OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
version 6
redhat via4
advisories
  • bugzilla
    id 205180
    title CVE-2006-4339 RSA signature forgery
    oval
    OR
    • AND
      comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • AND
      comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    rhsa
    id RHSA-2006:0661
    released 2006-09-06
    severity Important
    title RHSA-2006:0661: openssl security update (Important)
  • rhsa
    id RHSA-2007:0062
  • rhsa
    id RHSA-2007:0072
  • rhsa
    id RHSA-2007:0073
  • rhsa
    id RHSA-2008:0629
refmap via4
apple
  • APPLE-SA-2006-11-28
  • APPLE-SA-2007-12-14
bea BEA07-169.00
bid
  • 19849
  • 22083
  • 28276
bugtraq
  • 20060905 rPSA-2006-0163-1 openssl openssl-scripts
  • 20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
  • 20070110 VMware ESX server security updates
  • 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
cert TA06-333A
cert-vn VU#845620
cisco
  • 20061108 Multiple Vulnerabilities in OpenSSL Library
  • 20061108 Multiple Vulnerabilities in OpenSSL library
confirm
debian
  • DSA-1173
  • DSA-1174
freebsd FreeBSD-SA-06:19
gentoo
  • GLSA-200609-05
  • GLSA-200609-18
  • GLSA-200610-06
  • GLSA-201408-19
hp
  • HPSBMA02250
  • HPSBOV02683
  • HPSBTU02207
  • HPSBUX02153
  • HPSBUX02165
  • HPSBUX02186
  • HPSBUX02219
  • SSRT061181
  • SSRT061213
  • SSRT061239
  • SSRT061266
  • SSRT061273
  • SSRT061275
  • SSRT071299
  • SSRT071304
  • SSRT090208
jvn JVN#51615542
jvndb JVNDB-2012-000079
mandriva
  • MDKSA-2006:161
  • MDKSA-2006:177
  • MDKSA-2006:178
  • MDKSA-2006:207
misc
mlist
  • [bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]
  • [ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error
  • [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
openbsd [3.9] 20060908 011: SECURITY FIX: September 8, 2006
openpkg
  • OpenPKG-SA-2006.018
  • OpenPKG-SA-2006.029
osvdb 28549
sectrack
  • 1016791
  • 1017522
secunia
  • 21709
  • 21767
  • 21776
  • 21778
  • 21785
  • 21791
  • 21812
  • 21823
  • 21846
  • 21852
  • 21870
  • 21873
  • 21906
  • 21927
  • 21930
  • 21982
  • 22036
  • 22044
  • 22066
  • 22161
  • 22226
  • 22232
  • 22259
  • 22260
  • 22284
  • 22325
  • 22446
  • 22509
  • 22513
  • 22523
  • 22545
  • 22585
  • 22671
  • 22689
  • 22711
  • 22733
  • 22758
  • 22799
  • 22932
  • 22934
  • 22936
  • 22937
  • 22938
  • 22939
  • 22940
  • 22948
  • 22949
  • 23155
  • 23455
  • 23680
  • 23794
  • 23841
  • 23915
  • 24099
  • 24930
  • 24950
  • 25284
  • 25399
  • 25649
  • 26329
  • 26893
  • 28115
  • 31492
  • 38567
  • 38568
  • 41818
  • 60799
sgi 20060901-01-P
slackware
  • SSA:2006-257-02
  • SSA:2006-310-01
sunalert
  • 1000148
  • 102648
  • 102656
  • 102657
  • 102686
  • 102696
  • 102722
  • 102744
  • 102759
  • 200708
  • 201247
  • 201534
suse
  • SUSE-SA:2006:055
  • SUSE-SA:2006:061
  • SUSE-SA:2007:010
  • SUSE-SR:2006:026
ubuntu USN-339-1
vupen
  • ADV-2006-3453
  • ADV-2006-3566
  • ADV-2006-3730
  • ADV-2006-3748
  • ADV-2006-3793
  • ADV-2006-3899
  • ADV-2006-3936
  • ADV-2006-4205
  • ADV-2006-4206
  • ADV-2006-4207
  • ADV-2006-4216
  • ADV-2006-4327
  • ADV-2006-4329
  • ADV-2006-4366
  • ADV-2006-4417
  • ADV-2006-4586
  • ADV-2006-4744
  • ADV-2006-4750
  • ADV-2006-5146
  • ADV-2007-0254
  • ADV-2007-0343
  • ADV-2007-1401
  • ADV-2007-1815
  • ADV-2007-1945
  • ADV-2007-2163
  • ADV-2007-2315
  • ADV-2007-2783
  • ADV-2007-4224
  • ADV-2008-0905
  • ADV-2010-0366
xf openssl-rsa-security-bypass(28755)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Vulnerable. This issue affects OpenSSL and OpenSSL compatibility packages in Red Hat Enterprise Linux 2.1, 3, and 4. Updates, along with our advisory are available at the URL below. http://rhn.redhat.com/errata/RHSA-2006-0661.html Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 17-10-2016 - 23:40
Published 05-09-2006 - 13:04
Last modified 17-10-2018 - 17:35
Back to Top