FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4790

This CVE name corresponds to:

Entered 2006-10-02
Topic gnutls -- RSA Signature Forgery Vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-4790
Phase Assigned(20060913)

Description

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.

References

Source Reference
MLIST [gnutls-dev] 20060908 Variant of Bleichenbacher's crypto 06 rump session attack
MLIST [gnutls-dev] 20060912 Re: Variant of Bleichenbacher's crypto 06 rump session attack
CONFIRM http://www.gnu.org/software/gnutls/security.html
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
DEBIAN DSA-1182
GENTOO GLSA-200609-15
MANDRIVA MDKSA-2006:166
REDHAT RHSA-2006:0680
SUNALERT 102648
SUNALERT 102970
SUSE SUSE-SR:2006:023
SUSE SUSE-SA:2007:010
UBUNTU USN-348-1
BID 20027
OVAL oval:org.mitre.oval:def:9937
VUPEN ADV-2006-3635
VUPEN ADV-2006-3899
VUPEN ADV-2007-2289
SECTRACK 1016844
SECUNIA 21942
SECUNIA 21937
SECUNIA 21973
SECUNIA 22049
SECUNIA 22084
SECUNIA 22097
SECUNIA 22226
SECUNIA 22080
SECUNIA 22992
SECUNIA 25762
XF gnutls-rsakey-security-bypass(28953)