Action not permitted
Modal body text goes here.
Modal Title
Modal Body
jvndb-2007-000772
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-23 18:32
Summary
Hitachi Web Server SSL Client Authentication Vulnerability
Details
Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.
The vulnerability does not affect the product if the SSL authenticaton client feature is disabled.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "dc:date": "2014-05-23T18:32+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-23T18:32+09:00", description: "Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.\r\n\r\nThe vulnerability does not affect the product if the SSL authenticaton client feature is disabled.", link: "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2", }, ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "@version": "2.0", }, "sec:identifier": "JVNDB-2007-000772", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "CVE", }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "CVE", }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "NVD", }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "NVD", }, { "#text": "http://secunia.com/advisories/27421", "@id": "SA27421", "@source": "SECUNIA", }, { "#text": "http://xforce.iss.net/xforce/xfdb/28755", "@id": "28755", "@source": "XF", }, { "#text": "http://www.frsirt.com/english/advisories/2007/3666", "@id": "FrSIRT/ADV-2007-3666", "@source": "FRSIRT", }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-20", "@title": "Improper Input Validation(CWE-20)", }, ], title: "Hitachi Web Server SSL Client Authentication Vulnerability", }
cve-2006-4339
Vulnerability from cvelistv5
Published
2006-09-05 17:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T19:06:07.378Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/", }, { name: "ADV-2006-4750", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4750", }, { name: "SSRT061273", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { name: "ADV-2006-3453", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3453", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", }, { name: "23915", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23915", }, { name: "201534", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1", }, { name: "HPSBMA02250", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { name: "JVN#51615542", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN51615542/index.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=307177", }, { name: "60799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60799", }, { name: "28549", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/28549", }, { name: "ADV-2006-4366", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4366", }, { name: "22932", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22932", }, { name: "ADV-2006-3748", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3748", }, { name: "21791", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21791", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html", }, { name: "GLSA-201408-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", }, { name: "26893", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26893", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20060905.txt", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", }, { name: "22509", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22509", }, { name: "MDKSA-2006:207", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207", }, { name: "RHSA-2006:0661", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0661.html", }, { name: "SUSE-SA:2006:061", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_61_opera.html", }, { name: "21930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21930", }, { name: "22940", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22940", }, { name: "SSRT071304", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "21852", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21852", }, { name: "BEA07-169.00", tags: [ "vendor-advisory", "x_refsource_BEA", "x_transferred", ], url: "http://dev2dev.bea.com/pub/advisory/238", }, { name: "21823", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21823", }, { name: "102657", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1", }, { name: "22758", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22758", }, { name: "22938", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22938", }, { name: "ADV-2006-3899", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3899", }, { name: "22044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22044", }, { name: "ADV-2007-1945", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/1945", }, { name: "RHSA-2007:0062", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0062.html", }, { name: "OpenPKG-SA-2006.029", tags: [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred", ], url: "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html", }, { name: "ADV-2006-4206", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4206", }, { name: "ADV-2006-3730", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3730", }, { name: "SSRT071299", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { name: "21812", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21812", }, { name: "22523", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22523", }, { name: "HPSBUX02165", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { name: "22689", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22689", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=304829", }, { name: "23794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23794", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "102759", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1", }, { name: "GLSA-200609-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200609-05.xml", }, { name: "22711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22711", }, { name: "20060905 rPSA-2006-0163-1 openssl openssl-scripts", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/445231/100/0/threaded", }, { name: "23680", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23680", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://openvpn.net/changelog.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { name: "[3.9] 20060908 011: SECURITY FIX: September 8, 2006", tags: [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred", ], url: "http://www.openbsd.org/errata.html", }, { name: "22733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22733", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1633", }, { name: "22949", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22949", }, { name: "SSA:2006-310-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955", }, { name: "USN-339-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-339-1", }, { name: "ADV-2006-3566", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3566", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf", }, { name: "SUSE-SR:2006:026", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_26_sr.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { name: "102744", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1", }, { name: "22446", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22446", }, { name: "22939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22939", }, { name: "24099", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24099", }, { name: "20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/445822/100/0/threaded", }, { name: "25284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25284", }, { name: "22083", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/22083", }, { name: "MDKSA-2006:178", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178", }, { name: "1016791", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1016791", }, { name: "25649", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25649", }, { name: "ADV-2010-0366", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0366", }, { name: "22671", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22671", }, { name: "[ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html", }, { name: "102722", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1", }, { name: "21785", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21785", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { name: "31492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31492", }, { name: "ADV-2006-4329", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4329", }, { name: "DSA-1173", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.us.debian.org/security/2006/dsa-1173", }, { name: "38567", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38567", }, { name: "22284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22284", }, { name: "24930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24930", }, { name: "ADV-2006-4327", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4327", }, { name: "MDKSA-2006:161", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161", }, { name: "21778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21778", }, { name: "RHSA-2008:0629", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0629.html", }, { name: "102696", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1", }, { name: "APPLE-SA-2007-12-14", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html", }, { name: "ADV-2007-2163", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2163", }, { name: "26329", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26329", }, { name: "22260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22260", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html", }, { name: "ADV-2007-0343", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/0343", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", }, { name: "102656", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1", }, { name: "SUSE-SA:2007:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html", }, { name: "SSRT061213", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "20060901-01-P", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { name: "21982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21982", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.attachmate.com/techdocs/2137.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-616", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.attachmate.com/techdocs/2127.html", }, { name: "GLSA-200610-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml", }, { name: "DSA-1174", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1174", }, { name: "23155", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23155", }, { name: "1000148", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openoffice.org/security/cves/CVE-2006-4339.html", }, { name: "22799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22799", }, { name: "ADV-2006-4207", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4207", }, { name: "ADV-2006-4417", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4417", }, { name: "HPSBUX02186", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.sybase.com/detail?id=1047991", }, { name: "SSRT061239", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "21873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21873", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "RHSA-2007:0072", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0072.html", }, { name: "JVNDB-2012-000079", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.serv-u.com/releasenotes/", }, { name: "ADV-2006-4744", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4744", }, { name: "38568", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38568", }, { name: "21846", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21846", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", }, { name: "HPSBUX02219", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { name: "ADV-2007-0254", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/0254", }, { name: "SSRT061266", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { name: "SSRT061181", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { name: "ADV-2007-4224", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/4224", }, { name: "22161", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22161", }, { name: "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=bind-announce&m=116253119512445&w=2", }, { name: "22937", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22937", }, { name: "22325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22325", }, { name: "102648", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1", }, { name: "ADV-2007-2315", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2315", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.opera.com/support/search/supsearch.dml?index=845", }, { name: "APPLE-SA-2006-11-28", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html", }, { name: "21767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21767", }, { name: "ADV-2007-1815", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/1815", }, { name: "22232", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22232", }, { name: "TA06-333A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA06-333A.html", }, { name: "21906", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21906", }, { name: "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/489739/100/0/threaded", }, { name: "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", }, { name: "HPSBUX02153", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { name: "22934", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22934", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { name: "RHSA-2007:0073", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0073.html", }, { name: "22585", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22585", }, { name: "25399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25399", }, { name: "ADV-2008-0905", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0905/references", }, { name: "ADV-2007-1401", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/1401", }, { name: "201247", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1", }, { name: "openssl-rsa-security-bypass(28755)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755", }, { name: "22513", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22513", }, { name: "41818", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/41818", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.attachmate.com/techdocs/2128.html", }, { name: "oval:org.mitre.oval:def:11656", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", }, { name: "21776", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21776", }, { name: "SSRT061275", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { name: "FreeBSD-SA-06:19", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc", }, { name: "23455", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23455", }, { name: "20070110 VMware ESX server security updates", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/456546/100/200/threaded", }, { name: "28115", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/28115", }, { name: "22226", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22226", }, { name: "ADV-2006-3936", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3936", }, { name: "22066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22066", }, { name: "22936", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22936", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", }, { name: "HPSBTU02207", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "OpenPKG-SA-2006.018", tags: [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred", ], url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html", }, { name: "MDKSA-2006:177", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177", }, { name: "22545", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22545", }, { name: "1017522", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1017522", }, { name: "22948", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22948", }, { name: "20061108 Multiple Vulnerabilities in OpenSSL Library", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html", }, { name: "23841", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/23841", }, { name: "ADV-2006-4205", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4205", }, { name: "ADV-2007-2783", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2783", }, { name: "22259", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22259", }, { name: "22036", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22036", }, { name: "200708", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1", }, { name: "ADV-2006-4586", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4586", }, { name: "21927", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21927", }, { name: "SUSE-SA:2006:055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_55_ssl.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", }, { name: "ADV-2006-5146", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/5146", }, { name: "21870", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21870", }, { name: "ADV-2006-4216", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/4216", }, { name: "ADV-2006-3793", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3793", }, { name: "28276", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/28276", }, { name: "21709", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21709", }, { name: "VU#845620", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/845620", }, { name: "SSA:2006-257-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306", }, { name: "GLSA-200609-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200609-18.xml", }, { name: "20061108 Multiple Vulnerabilities in OpenSSL library", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml", }, { name: "102686", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1", }, { name: "24950", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24950", }, { name: "19849", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/19849", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-08-27T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-17T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/", }, { name: "ADV-2006-4750", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4750", }, { name: "SSRT061273", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { name: "ADV-2006-3453", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3453", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", }, { name: "23915", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23915", }, { name: "201534", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1", }, { name: "HPSBMA02250", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { name: "JVN#51615542", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN51615542/index.html", }, { tags: [ "x_refsource_MISC", ], url: "http://docs.info.apple.com/article.html?artnum=307177", }, { name: "60799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60799", }, { name: "28549", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/28549", }, { name: "ADV-2006-4366", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4366", }, { name: "22932", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22932", }, { name: "ADV-2006-3748", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3748", }, { name: "21791", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21791", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html", }, { name: "GLSA-201408-19", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", }, { name: "26893", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26893", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20060905.txt", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", }, { name: "22509", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22509", }, { name: "MDKSA-2006:207", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207", }, { name: "RHSA-2006:0661", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0661.html", }, { name: "SUSE-SA:2006:061", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_61_opera.html", }, { name: "21930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21930", }, { name: "22940", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22940", }, { name: "SSRT071304", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "21852", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21852", }, { name: "BEA07-169.00", tags: [ "vendor-advisory", "x_refsource_BEA", ], url: "http://dev2dev.bea.com/pub/advisory/238", }, { name: "21823", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21823", }, { name: "102657", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1", }, { name: "22758", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22758", }, { name: "22938", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22938", }, { name: "ADV-2006-3899", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3899", }, { name: "22044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22044", }, { name: "ADV-2007-1945", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/1945", }, { name: "RHSA-2007:0062", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0062.html", }, { name: "OpenPKG-SA-2006.029", tags: [ "vendor-advisory", "x_refsource_OPENPKG", ], url: "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html", }, { name: "ADV-2006-4206", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4206", }, { name: "ADV-2006-3730", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3730", }, { name: "SSRT071299", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { name: "21812", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21812", }, { name: "22523", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22523", }, { name: "HPSBUX02165", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { name: "22689", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22689", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=304829", }, { name: "23794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23794", }, { name: "SSRT090208", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "102759", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1", }, { name: "GLSA-200609-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200609-05.xml", }, { name: "22711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22711", }, { name: "20060905 rPSA-2006-0163-1 openssl openssl-scripts", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/445231/100/0/threaded", }, { name: "23680", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23680", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://openvpn.net/changelog.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { name: "[3.9] 20060908 011: SECURITY FIX: September 8, 2006", tags: [ "vendor-advisory", "x_refsource_OPENBSD", ], url: "http://www.openbsd.org/errata.html", }, { name: "22733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22733", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1633", }, { name: "22949", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22949", }, { name: "SSA:2006-310-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955", }, { name: "USN-339-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-339-1", }, { name: "ADV-2006-3566", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3566", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf", }, { name: "SUSE-SR:2006:026", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_26_sr.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { name: "102744", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1", }, { name: "22446", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22446", }, { name: "22939", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22939", }, { name: "24099", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24099", }, { name: "20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/445822/100/0/threaded", }, { name: "25284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25284", }, { name: "22083", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/22083", }, { name: "MDKSA-2006:178", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178", }, { name: "1016791", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1016791", }, { name: "25649", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25649", }, { name: "ADV-2010-0366", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0366", }, { name: "22671", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22671", }, { name: "[ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html", }, { name: "102722", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1", }, { name: "21785", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21785", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { name: "31492", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31492", }, { name: "ADV-2006-4329", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4329", }, { name: "DSA-1173", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.us.debian.org/security/2006/dsa-1173", }, { name: "38567", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38567", }, { name: "22284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22284", }, { name: "24930", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24930", }, { name: "ADV-2006-4327", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4327", }, { name: "MDKSA-2006:161", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161", }, { name: "21778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21778", }, { name: "RHSA-2008:0629", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0629.html", }, { name: "102696", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1", }, { name: "APPLE-SA-2007-12-14", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html", }, { name: "ADV-2007-2163", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2163", }, { name: "26329", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26329", }, { name: "22260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22260", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html", }, { name: "ADV-2007-0343", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/0343", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", }, { name: "102656", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1", }, { name: "SUSE-SA:2007:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html", }, { name: "SSRT061213", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "20060901-01-P", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { name: "21982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21982", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.attachmate.com/techdocs/2137.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-616", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.attachmate.com/techdocs/2127.html", }, { name: "GLSA-200610-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml", }, { name: "DSA-1174", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1174", }, { name: "23155", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23155", }, { name: "1000148", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openoffice.org/security/cves/CVE-2006-4339.html", }, { name: "22799", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22799", }, { name: "ADV-2006-4207", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4207", }, { name: "ADV-2006-4417", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4417", }, { name: "HPSBUX02186", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.sybase.com/detail?id=1047991", }, { name: "SSRT061239", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "21873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21873", }, { name: "HPSBOV02683", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { name: "RHSA-2007:0072", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0072.html", }, { name: "JVNDB-2012-000079", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.serv-u.com/releasenotes/", }, { name: "ADV-2006-4744", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4744", }, { name: "38568", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38568", }, { name: "21846", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21846", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", }, { name: "HPSBUX02219", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { name: "ADV-2007-0254", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/0254", }, { name: "SSRT061266", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { name: "SSRT061181", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { name: "ADV-2007-4224", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/4224", }, { name: "22161", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22161", }, { name: "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=bind-announce&m=116253119512445&w=2", }, { name: "22937", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22937", }, { name: "22325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22325", }, { name: "102648", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1", }, { name: "ADV-2007-2315", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2315", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.opera.com/support/search/supsearch.dml?index=845", }, { name: "APPLE-SA-2006-11-28", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html", }, { name: "21767", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21767", }, { name: "ADV-2007-1815", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/1815", }, { name: "22232", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22232", }, { name: "TA06-333A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA06-333A.html", }, { name: "21906", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21906", }, { name: "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/489739/100/0/threaded", }, { name: "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", }, { name: "HPSBUX02153", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { name: "22934", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22934", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { name: "RHSA-2007:0073", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2007-0073.html", }, { name: "22585", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22585", }, { name: "25399", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25399", }, { name: "ADV-2008-0905", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0905/references", }, { name: "ADV-2007-1401", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/1401", }, { name: "201247", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1", }, { name: "openssl-rsa-security-bypass(28755)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755", }, { name: "22513", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22513", }, { name: "41818", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/41818", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.attachmate.com/techdocs/2128.html", }, { name: "oval:org.mitre.oval:def:11656", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", }, { name: "21776", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21776", }, { name: "SSRT061275", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { name: "FreeBSD-SA-06:19", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc", }, { name: "23455", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23455", }, { name: "20070110 VMware ESX server security updates", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/456546/100/200/threaded", }, { name: "28115", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/28115", }, { name: "22226", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22226", }, { name: "ADV-2006-3936", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3936", }, { name: "22066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22066", }, { name: "22936", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22936", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", }, { name: "HPSBTU02207", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { name: "OpenPKG-SA-2006.018", tags: [ "vendor-advisory", "x_refsource_OPENPKG", ], url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html", }, { name: "MDKSA-2006:177", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177", }, { name: "22545", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22545", }, { name: "1017522", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1017522", }, { name: "22948", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22948", }, { name: "20061108 Multiple Vulnerabilities in OpenSSL Library", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html", }, { name: "23841", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/23841", }, { name: "ADV-2006-4205", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4205", }, { name: "ADV-2007-2783", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2783", }, { name: "22259", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22259", }, { name: "22036", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22036", }, { name: "200708", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1", }, { name: "ADV-2006-4586", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4586", }, { name: "21927", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21927", }, { name: "SUSE-SA:2006:055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_55_ssl.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", }, { name: "ADV-2006-5146", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/5146", }, { name: "21870", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21870", }, { name: "ADV-2006-4216", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/4216", }, { name: "ADV-2006-3793", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3793", }, { name: "28276", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/28276", }, { name: "21709", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21709", }, { name: "VU#845620", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/845620", }, { name: "SSA:2006-257-02", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306", }, { name: "GLSA-200609-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200609-18.xml", }, { name: "20061108 Multiple Vulnerabilities in OpenSSL library", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml", }, { name: "102686", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1", }, { name: "24950", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24950", }, { name: "19849", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/19849", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2006-4339", datePublished: "2006-09-05T17:00:00", dateReserved: "2006-08-24T00:00:00", dateUpdated: "2024-08-07T19:06:07.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-5810
Vulnerability from cvelistv5
Published
2007-11-05 17:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/42026 | vdb-entry, x_refsource_OSVDB | |
| http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/27421 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/3666 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/26271 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T15:47:00.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "42026", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/42026", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html", }, { name: "27421", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27421", }, { name: "ADV-2007-3666", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/3666", }, { name: "26271", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/26271", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-10-31T00:00:00", descriptions: [ { lang: "en", value: "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2007-11-17T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "42026", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/42026", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html", }, { name: "27421", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27421", }, { name: "ADV-2007-3666", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/3666", }, { name: "26271", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/26271", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-5810", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "42026", refsource: "OSVDB", url: "http://osvdb.org/42026", }, { name: "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html", refsource: "CONFIRM", url: "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html", }, { name: "27421", refsource: "SECUNIA", url: "http://secunia.com/advisories/27421", }, { name: "ADV-2007-3666", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/3666", }, { name: "26271", refsource: "BID", url: "http://www.securityfocus.com/bid/26271", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-5810", datePublished: "2007-11-05T17:00:00", dateReserved: "2007-11-05T00:00:00", dateUpdated: "2024-08-07T15:47:00.407Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.