fkie_cve-2006-4339
Vulnerability from fkie_nvd
Published
2006-09-05 17:04
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "118A4D99-B8CC-4276-BB72-4C384B16585D", versionEndIncluding: "0.9.7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", matchCriteriaId: "14D983EC-61B0-4FD9-89B5-9878E4CE4405", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", matchCriteriaId: "B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", matchCriteriaId: "BC4C5F05-BC0B-478D-9A6F-7C804777BA41", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", matchCriteriaId: "27F417A1-5D97-4BC4-8B97-5AC40236DA21", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", matchCriteriaId: "8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", matchCriteriaId: "4EDB5A09-BE86-4352-9799-A875649EDB7D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", matchCriteriaId: "B6231CAA-00A8-41CE-8436-B84518014CF1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", matchCriteriaId: "A70AD93B-E876-4EAB-9970-752D42E15E99", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", matchCriteriaId: "F03FA9C0-24C7-46AC-92EC-7834BC34C79B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", matchCriteriaId: "716ADA01-38B8-4C15-A3BB-D9688DA30599", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", matchCriteriaId: "B73326F7-7DCE-4EDE-95D7-AE7AED263A14", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", matchCriteriaId: "B5E4742C-A983-4F00-B24F-AB280C0E876D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", matchCriteriaId: "EA2D251C-9C45-4EFE-8262-E88AB7CE713A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", matchCriteriaId: "6D81E175-E698-40EF-9601-425893FFB1FC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", matchCriteriaId: "FA0F25B7-A172-4300-8718-112E817A6165", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", matchCriteriaId: "8A0628DF-3A4C-4078-B615-22260671EABF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", matchCriteriaId: "52B1BE89-BAE0-4656-943B-B9B81D9B54B3", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", matchCriteriaId: "D097222B-ED20-459C-9167-55751FA2C87A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", matchCriteriaId: "86DDC8F2-7920-4A73-927E-562C89806972", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", matchCriteriaId: "962FCB86-15AD-4399-8B7D-EC1DEA919C59", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", matchCriteriaId: "2636B92E-47D5-42EA-9585-A2B84FBE71CB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", matchCriteriaId: "72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", matchCriteriaId: "4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", matchCriteriaId: "98693865-2E79-4BD6-9F89-1994BC9A3E73", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", matchCriteriaId: "D6476506-EC37-4726-82DC-D0E8254A8CDD", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", matchCriteriaId: "5D6ECEF7-CB16-4604-894B-6EB19F1CEF55", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", matchCriteriaId: "1C81EF3D-4DB7-4799-9670-8D79E28CA184", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", matchCriteriaId: "A8116A66-175C-4E6D-9A9B-D54C1D97D213", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", matchCriteriaId: "382C1679-DA1D-4FA4-9D5E-B86CC5052D49", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", matchCriteriaId: "8A4E446D-B9D3-45F2-9722-B41FA14A6C31", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", matchCriteriaId: "AF4EA988-FC80-4170-8933-7C6663731981", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", matchCriteriaId: "64F8F53B-24A1-4877-B16E-F1917C4E4E81", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.", }, { lang: "es", value: "OpenSSL en versiones anteriores a 0.9.7, 0.9.7 en versiones anteriores a 0.9.7k y 0.9.8 en versiones anteriores a 0.9.8c, cuando usa una clave RSA con exponente 3, elimina relleno PKCS-1 antes de generar un hash, lo que permite a atacantes remotos falsificar una firma PKCS #1 v1.5 que está firmada por dicha clave RSA e impide a OpenSSL verificar correctamente los certificados X.509 y otros que utilizan PKCS #1.", }, ], id: "CVE-2006-4339", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-09-05T17:04:00.000", references: [ { source: "secalert@redhat.com", url: "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", }, { source: "secalert@redhat.com", url: "http://dev2dev.bea.com/pub/advisory/238", }, { source: "secalert@redhat.com", url: "http://docs.info.apple.com/article.html?artnum=304829", }, { source: "secalert@redhat.com", url: "http://docs.info.apple.com/article.html?artnum=307177", }, { source: "secalert@redhat.com", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { source: "secalert@redhat.com", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { source: "secalert@redhat.com", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { source: "secalert@redhat.com", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { source: "secalert@redhat.com", url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { source: "secalert@redhat.com", url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { source: "secalert@redhat.com", url: "http://jvn.jp/en/jp/JVN51615542/index.html", }, { source: "secalert@redhat.com", url: "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bind-announce&m=116253119512445&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "secalert@redhat.com", url: "http://openvpn.net/changelog.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/21709", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21767", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21776", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21778", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21785", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21791", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21812", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21823", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21846", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21852", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21870", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21873", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21906", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21927", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21930", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21982", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22036", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22044", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22066", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22161", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22226", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22232", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22259", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22260", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22284", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22325", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22446", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22509", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22513", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22523", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22545", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22585", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22671", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22689", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22711", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22733", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22758", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22799", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22932", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22934", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22936", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22937", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22938", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22939", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22940", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22948", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/22949", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23155", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23455", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23680", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23794", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23841", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/23915", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/24099", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/24930", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/24950", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/25284", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/25399", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/25649", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/26329", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/26893", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/28115", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/31492", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/38567", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/38568", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/41818", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/60799", }, { source: "secalert@redhat.com", url: "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-200609-05.xml", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-200609-18.xml", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1016791", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1017522", }, { source: "secalert@redhat.com", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955", }, { source: "secalert@redhat.com", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1", }, { source: "secalert@redhat.com", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1", }, { source: "secalert@redhat.com", url: "http://support.attachmate.com/techdocs/2127.html", }, { source: "secalert@redhat.com", url: "http://support.attachmate.com/techdocs/2128.html", }, { source: "secalert@redhat.com", url: "http://support.attachmate.com/techdocs/2137.html", }, { source: "secalert@redhat.com", url: "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm", }, { source: "secalert@redhat.com", url: "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf", }, { source: "secalert@redhat.com", url: "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html", }, { source: "secalert@redhat.com", url: "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html", }, { source: "secalert@redhat.com", url: "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.debian.org/security/2006/dsa-1174", }, { source: "secalert@redhat.com", url: "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml", }, { source: "secalert@redhat.com", url: "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", }, { source: "secalert@redhat.com", url: "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html", }, { source: "secalert@redhat.com", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/845620", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207", }, { source: "secalert@redhat.com", url: "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/", }, { source: "secalert@redhat.com", url: "http://www.novell.com/linux/security/advisories/2006_26_sr.html", }, { source: "secalert@redhat.com", url: "http://www.novell.com/linux/security/advisories/2006_55_ssl.html", }, { source: "secalert@redhat.com", url: "http://www.novell.com/linux/security/advisories/2006_61_opera.html", }, { source: "secalert@redhat.com", url: "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html", }, { source: "secalert@redhat.com", url: "http://www.openbsd.org/errata.html", }, { source: "secalert@redhat.com", url: "http://www.openoffice.org/security/cves/CVE-2006-4339.html", }, { source: "secalert@redhat.com", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html", }, { source: "secalert@redhat.com", url: "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.openssl.org/news/secadv_20060905.txt", }, { source: "secalert@redhat.com", url: "http://www.opera.com/support/search/supsearch.dml?index=845", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", }, { source: "secalert@redhat.com", url: "http://www.osvdb.org/28549", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0661.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2007-0062.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2007-0072.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2007-0073.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2008-0629.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/445231/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/445822/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/456546/100/200/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/489739/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/19849", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/22083", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/28276", }, { source: "secalert@redhat.com", url: "http://www.serv-u.com/releasenotes/", }, { source: "secalert@redhat.com", url: "http://www.sybase.com/detail?id=1047991", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.ubuntu.com/usn/usn-339-1", }, { source: "secalert@redhat.com", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA06-333A.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.us.debian.org/security/2006/dsa-1173", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3453", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3566", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3730", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3748", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3793", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3899", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/3936", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4205", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4206", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4207", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4216", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4327", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4329", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4366", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4417", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4586", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4744", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/4750", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2006/5146", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/0254", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/0343", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/1401", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/1815", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/1945", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/2163", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/2315", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/2783", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2007/4224", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2008/0905/references", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2010/0366", }, { source: "secalert@redhat.com", url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { source: "secalert@redhat.com", url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { source: "secalert@redhat.com", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755", }, { source: "secalert@redhat.com", url: "https://issues.rpath.com/browse/RPL-1633", }, { source: "secalert@redhat.com", url: "https://issues.rpath.com/browse/RPL-616", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656", }, { source: "secalert@redhat.com", url: "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html", }, { source: "secalert@redhat.com", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "secalert@redhat.com", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "secalert@redhat.com", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "secalert@redhat.com", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://dev2dev.bea.com/pub/advisory/238", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://docs.info.apple.com/article.html?artnum=304829", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://docs.info.apple.com/article.html?artnum=307177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvn.jp/en/jp/JVN51615542/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.vmware.com/pipermail/security-announce/2008/000008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bind-announce&m=116253119512445&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=130497311408250&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openvpn.net/changelog.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/21709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21776", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21785", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21812", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21823", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21852", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21906", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21927", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/21982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22226", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22446", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22513", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22523", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22545", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22671", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22689", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22758", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22932", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22937", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22938", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22940", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/22949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23680", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23794", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23841", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/23915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24099", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26329", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/28115", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/31492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38567", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38568", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/41818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/60799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200609-05.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200609-18.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1016791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1017522", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.attachmate.com/techdocs/2127.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.attachmate.com/techdocs/2128.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.attachmate.com/techdocs/2137.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.debian.org/security/2006/dsa-1174", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/845620", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_26_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_55_ssl.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_61_opera.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openbsd.org/errata.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openoffice.org/security/cves/CVE-2006-4339.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.openssl.org/news/secadv_20060905.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.opera.com/support/search/supsearch.dml?index=845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/28549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2006-0661.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2007-0062.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2007-0072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2007-0073.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2008-0629.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/445231/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/445822/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/450327/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/456546/100/200/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/489739/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/19849", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/22083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/28276", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.serv-u.com/releasenotes/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.sybase.com/detail?id=1047991", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.ubuntu.com/usn/usn-339-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA06-333A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.us.debian.org/security/2006/dsa-1173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/player/doc/releasenotes_player.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/server/doc/releasenotes_server.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3730", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3748", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3793", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/3936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4206", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4329", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4586", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/4750", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/5146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/0254", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/0343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/1401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/1815", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/1945", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2783", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/4224", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/0905/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/0366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-616", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144", }, ], sourceIdentifier: "secalert@redhat.com", vendorComments: [ { comment: "Vulnerable. This issue affects OpenSSL and OpenSSL compatibility packages in Red Hat Enterprise Linux 2.1, 3, and 4. Updates, along with our advisory are available at the URL below.\nhttp://rhn.redhat.com/errata/RHSA-2006-0661.html\n\nRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.