- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200609-15 (GnuTLS: RSA Signature Forgery)
verify.c fails to properly handle excess data in digestAlgorithm.parameters field while generating a hash when using an RSA key with exponent 3. RSA keys that use exponent 3 are commonplace.
Impact :
Remote attackers could forge PKCS #1 v1.5 signatures that are signed with an RSA key, preventing GnuTLS from correctly verifying X.509 and other certificates that use PKCS.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top