FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4339

This CVE name corresponds to:

Entered Topic
2006-12-19 openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)
2006-09-22 opera -- RSA Signature Forgery

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-4339 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-4339
Phase Assigned(20060824)

Description

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

References

Source Reference
BUGTRAQ 20060905 rPSA-2006-0163-1 openssl openssl-scripts
BUGTRAQ 20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
BUGTRAQ 20070110 VMware ESX server security updates
BUGTRAQ 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
MLIST [ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error
MLIST [bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]
MLIST [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
MISC http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
MISC http://docs.info.apple.com/article.html?artnum=307177
CONFIRM http://www.openssl.org/news/secadv_20060905.txt
CONFIRM https://issues.rpath.com/browse/RPL-616
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
CONFIRM http://www.opera.com/support/search/supsearch.dml?index=845
CONFIRM http://openvpn.net/changelog.html
CONFIRM http://www.serv-u.com/releasenotes/
CONFIRM http://support.attachmate.com/techdocs/2137.html
CONFIRM http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
CONFIRM http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
CONFIRM http://www.sybase.com/detail?id=1047991
CONFIRM http://docs.info.apple.com/article.html?artnum=304829
CONFIRM http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
CONFIRM http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
CONFIRM http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
CONFIRM http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
CONFIRM http://support.attachmate.com/techdocs/2127.html
CONFIRM http://support.attachmate.com/techdocs/2128.html
CONFIRM https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
CONFIRM https://issues.rpath.com/browse/RPL-1633
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0005.html
CONFIRM http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
CONFIRM http://www.vmware.com/support/player/doc/releasenotes_player.html
CONFIRM http://www.vmware.com/support/player2/doc/releasenotes_player2.html
CONFIRM http://www.vmware.com/support/server/doc/releasenotes_server.html
CONFIRM http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
CONFIRM http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
APPLE APPLE-SA-2006-11-28
APPLE APPLE-SA-2007-12-14
BEA BEA07-169.00
CISCO 20061108 Multiple Vulnerabilities in OpenSSL library
CISCO 20061108 Multiple Vulnerabilities in OpenSSL Library
DEBIAN DSA-1173
DEBIAN DSA-1174
FREEBSD FreeBSD-SA-06:19
GENTOO GLSA-200609-05
GENTOO GLSA-200609-18
GENTOO GLSA-200610-06
HP HPSBUX02165
HP SSRT061266
HP HPSBUX02153
HP SSRT061181
HP HPSBUX02186
HP SSRT071299
HP HPSBTU02207
HP SSRT061213
HP SSRT061239
HP SSRT071304
HP HPSBUX02219
HP SSRT061273
HP HPSBMA02250
HP SSRT061275
MANDRIVA MDKSA-2006:161
MANDRIVA MDKSA-2006:177
MANDRIVA MDKSA-2006:178
MANDRIVA MDKSA-2006:207
OPENBSD [3.9] 20060908 011: SECURITY FIX: September 8, 2006
OPENPKG OpenPKG-SA-2006.029
OPENPKG OpenPKG-SA-2006.018
REDHAT RHSA-2006:0661
REDHAT RHSA-2007:0062
REDHAT RHSA-2007:0072
REDHAT RHSA-2007:0073
SGI 20060901-01-P
SLACKWARE SSA:2006-257-02
SLACKWARE SSA:2006-310-01
SUNALERT 102648
SUNALERT 102657
SUNALERT 102656
SUNALERT 102696
SUNALERT 102686
SUNALERT 102722
SUNALERT 102744
SUNALERT 102759
SUNALERT 201247
SUNALERT 201534
SUNALERT 200708
SUSE SUSE-SA:2006:055
SUSE SUSE-SA:2006:061
SUSE SUSE-SR:2006:026
SUSE SUSE-SA:2007:010
CERT TA06-333A
CERT-VN VU#845620
BID 19849
BID 22083
BID 28276
FRSIRT ADV-2006-3453
FRSIRT ADV-2006-3566
FRSIRT ADV-2006-3730
FRSIRT ADV-2006-3793
FRSIRT ADV-2006-3899
FRSIRT ADV-2006-3936
FRSIRT ADV-2006-4205
FRSIRT ADV-2006-4206
FRSIRT ADV-2006-4207
FRSIRT ADV-2006-4327
FRSIRT ADV-2006-4329
FRSIRT ADV-2006-4366
FRSIRT ADV-2006-4417
FRSIRT ADV-2006-4586
FRSIRT ADV-2006-4750
FRSIRT ADV-2006-4744
FRSIRT ADV-2006-5146
FRSIRT ADV-2007-0254
FRSIRT ADV-2007-0343
FRSIRT ADV-2006-4216
FRSIRT ADV-2007-1401
FRSIRT ADV-2007-1815
FRSIRT ADV-2007-1945
FRSIRT ADV-2007-2163
FRSIRT ADV-2006-3748
FRSIRT ADV-2007-2315
FRSIRT ADV-2007-2783
FRSIRT ADV-2007-4224
FRSIRT ADV-2008-0905
OSVDB 28549
SECTRACK 1016791
SECTRACK 1017522
SECUNIA 21709
UBUNTU USN-339-1
SECUNIA 21778
SECUNIA 21785
SECUNIA 21812
SECUNIA 21823
SECUNIA 21852
SECUNIA 21791
SECUNIA 21767
SECUNIA 21776
SECUNIA 21873
SECUNIA 21906
SECUNIA 21846
SECUNIA 21927
SECUNIA 21870
SECUNIA 22036
SECUNIA 21982
SECUNIA 21930
SECUNIA 22161
SECUNIA 22259
SECUNIA 22260
SECUNIA 22226
SECUNIA 22232
SECUNIA 22284
SECUNIA 22325
SECUNIA 22446
SECUNIA 22509
SECUNIA 22513
SECUNIA 22523
SECUNIA 22545
SECUNIA 22585
SECUNIA 22733
SECUNIA 22671
SECUNIA 22689
SECUNIA 22758
SECUNIA 22799
SECUNIA 22711
SECUNIA 22934
SECUNIA 22936
SECUNIA 22937
SECUNIA 22938
SECUNIA 22939
SECUNIA 22940
SECUNIA 22949
SECUNIA 22948
SECUNIA 23155
SECUNIA 23455
SECUNIA 23680
SECUNIA 23794
SECUNIA 23841
SECUNIA 23915
SECUNIA 22044
SECUNIA 22932
SECUNIA 24099
SECUNIA 24950
SECUNIA 24930
SECUNIA 25284
SECUNIA 25399
SECUNIA 25649
SECUNIA 22066
SECUNIA 26329
SECUNIA 26893
SECUNIA 28115
XF openssl-rsa-security-bypass(28755)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.