Action not permitted
Modal body text goes here.
jvndb-2007-000772
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2014-05-23 18:32
Summary
Hitachi Web Server SSL Client Authentication Vulnerability
Details
Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.
The vulnerability does not affect the product if the SSL authenticaton client feature is disabled.
References
Impacted products
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "dc:date": "2014-05-23T18:32+09:00", "dcterms:issued": "2008-05-21T00:00+09:00", "dcterms:modified": "2014-05-23T18:32+09:00", "description": "Hitachi Web Server accepts an SSL certificate sent by a clinet trying to connect to the Server even if the certificate is fraudulent.\r\n\r\nThe vulnerability does not affect the product if the SSL authenticaton client feature is disabled.", "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000772.html", "sec:cpe": [ { "#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise", "@product": "Cosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_standard", "@product": "Cosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_application_server_version_5", "@product": "Cosminexus Application Server Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6", "@product": "Cosminexus Developer Light Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6", "@product": "Cosminexus Developer Professional Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6", "@product": "Cosminexus Developer Standard Version 6", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_developer_version_5", "@product": "Cosminexus Developer Version 5", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition", "@product": "Cosminexus Server - Enterprise Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition", "@product": "Cosminexus Server - Standard Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4", "@product": "Cosminexus Server - Standard Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition", "@product": "Cosminexus Server - Web Edition", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4", "@product": "Cosminexus Server - Web Edition Version 4", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:hitachi_web_server", "@product": "Hitachi Web Server", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise", "@product": "uCosminexus Application Server Enterprise", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_application_server_standard", "@product": "uCosminexus Application Server Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer", "@product": "uCosminexus Developer", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_light", "@product": "uCosminexus Developer Light", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_developer_standard", "@product": "uCosminexus Developer Standard", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_architect", "@product": "uCosminexus Service Architect", "@vendor": "Hitachi, Ltd", "@version": "2.2" }, { "#text": "cpe:/a:hitachi:ucosminexus_service_platform", "@product": "uCosminexus Service Platform", "@vendor": "Hitachi, Ltd", "@version": "2.2" } ], "sec:cvss": { "@score": "5.0", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "@version": "2.0" }, "sec:identifier": "JVNDB-2007-000772", "sec:references": [ { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "CVE" }, { "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "CVE" }, { "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5810", "@id": "CVE-2007-5810", "@source": "NVD" }, { "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339", "@id": "CVE-2006-4339", "@source": "NVD" }, { "#text": "http://secunia.com/advisories/27421", "@id": "SA27421", "@source": "SECUNIA" }, { "#text": "http://xforce.iss.net/xforce/xfdb/28755", "@id": "28755", "@source": "XF" }, { "#text": "http://www.frsirt.com/english/advisories/2007/3666", "@id": "FrSIRT/ADV-2007-3666", "@source": "FRSIRT" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-20", "@title": "Improper Input Validation(CWE-20)" } ], "title": "Hitachi Web Server SSL Client Authentication Vulnerability" }
cve-2006-4339
Vulnerability from cvelistv5
Published
2006-09-05 17:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T19:06:07.378Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/" }, { "name": "ADV-2006-4750", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4750" }, { "name": "SSRT061273", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01070495" }, { "name": "ADV-2006-3453", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3453" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html" }, { "name": "23915", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23915" }, { "name": "201534", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1" }, { "name": "HPSBMA02250", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" }, { "name": "JVN#51615542", "tags": [ "third-party-advisory", "x_refsource_JVN", "x_transferred" ], "url": "http://jvn.jp/en/jp/JVN51615542/index.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=307177" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "28549", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/28549" }, { "name": "ADV-2006-4366", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4366" }, { "name": "22932", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22932" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "21791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21791" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "26893", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26893" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20060905.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" }, { "name": "22509", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22509" }, { "name": "MDKSA-2006:207", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207" }, { "name": "RHSA-2006:0661", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0661.html" }, { "name": "SUSE-SA:2006:061", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html" }, { "name": "21930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21930" }, { "name": "22940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22940" }, { "name": "SSRT071304", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "21852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21852" }, { "name": "BEA07-169.00", "tags": [ "vendor-advisory", "x_refsource_BEA", "x_transferred" ], "url": "http://dev2dev.bea.com/pub/advisory/238" }, { "name": "21823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21823" }, { "name": "102657", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1" }, { "name": "22758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22758" }, { "name": "22938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22938" }, { "name": "ADV-2006-3899", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3899" }, { "name": "22044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22044" }, { "name": "ADV-2007-1945", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1945" }, { "name": "RHSA-2007:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html" }, { "name": "OpenPKG-SA-2006.029", "tags": [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred" ], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html" }, { "name": "ADV-2006-4206", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4206" }, { "name": "ADV-2006-3730", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3730" }, { "name": "SSRT071299", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" }, { "name": "21812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21812" }, { "name": "22523", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22523" }, { "name": "HPSBUX02165", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded" }, { "name": "22689", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22689" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=304829" }, { "name": "23794", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23794" }, { "name": "SSRT090208", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "102759", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1" }, { "name": "GLSA-200609-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200609-05.xml" }, { "name": "22711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22711" }, { "name": "20060905 rPSA-2006-0163-1 openssl openssl-scripts", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded" }, { "name": "23680", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23680" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://openvpn.net/changelog.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "[3.9] 20060908 011: SECURITY FIX: September 8, 2006", "tags": [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred" ], "url": "http://www.openbsd.org/errata.html" }, { "name": "22733", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22733" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1633" }, { "name": "22949", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22949" }, { "name": "SSA:2006-310-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955" }, { "name": "USN-339-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-339-1" }, { "name": "ADV-2006-3566", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3566" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf" }, { "name": "SUSE-SR:2006:026", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" }, { "name": "102744", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1" }, { "name": "22446", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22446" }, { "name": "22939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22939" }, { "name": "24099", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24099" }, { "name": "20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded" }, { "name": "25284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25284" }, { "name": "22083", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/22083" }, { "name": "MDKSA-2006:178", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178" }, { "name": "1016791", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016791" }, { "name": "25649", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25649" }, { "name": "ADV-2010-0366", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "22671", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22671" }, { "name": "[ietf-openpgp] 20060827 Bleichenbacher\u0027s RSA signature forgery based on implementation error", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html" }, { "name": "102722", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1" }, { "name": "21785", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21785" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "31492", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31492" }, { "name": "ADV-2006-4329", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4329" }, { "name": "DSA-1173", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.us.debian.org/security/2006/dsa-1173" }, { "name": "38567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38567" }, { "name": "22284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22284" }, { "name": "24930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24930" }, { "name": "ADV-2006-4327", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4327" }, { "name": "MDKSA-2006:161", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161" }, { "name": "21778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21778" }, { "name": "RHSA-2008:0629", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html" }, { "name": "102696", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1" }, { "name": "APPLE-SA-2007-12-14", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html" }, { "name": "ADV-2007-2163", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2163" }, { "name": "26329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26329" }, { "name": "22260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22260" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html" }, { "name": "ADV-2007-0343", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0343" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117" }, { "name": "102656", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1" }, { "name": "SUSE-SA:2007:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html" }, { "name": "SSRT061213", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "20060901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "21982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21982" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.attachmate.com/techdocs/2137.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-616" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.attachmate.com/techdocs/2127.html" }, { "name": "GLSA-200610-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml" }, { "name": "DSA-1174", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1174" }, { "name": "23155", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23155" }, { "name": "1000148", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2006-4339.html" }, { "name": "22799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22799" }, { "name": "ADV-2006-4207", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4207" }, { "name": "ADV-2006-4417", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4417" }, { "name": "HPSBUX02186", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.sybase.com/detail?id=1047991" }, { "name": "SSRT061239", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "21873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21873" }, { "name": "HPSBOV02683", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "RHSA-2007:0072", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0072.html" }, { "name": "JVNDB-2012-000079", "tags": [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred" ], "url": "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.serv-u.com/releasenotes/" }, { "name": "ADV-2006-4744", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4744" }, { "name": "38568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/38568" }, { "name": "21846", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21846" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html" }, { "name": "HPSBUX02219", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01070495" }, { "name": "ADV-2007-0254", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0254" }, { "name": "SSRT061266", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742" }, { "name": "ADV-2007-4224", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/4224" }, { "name": "22161", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22161" }, { "name": "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2" }, { "name": "22937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22937" }, { "name": "22325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22325" }, { "name": "102648", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1" }, { "name": "ADV-2007-2315", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2315" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.opera.com/support/search/supsearch.dml?index=845" }, { "name": "APPLE-SA-2006-11-28", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html" }, { "name": "21767", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21767" }, { "name": "ADV-2007-1815", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1815" }, { "name": "22232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22232" }, { "name": "TA06-333A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html" }, { "name": "21906", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21906" }, { "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded" }, { "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742" }, { "name": "22934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22934" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "RHSA-2007:0073", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html" }, { "name": "22585", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22585" }, { "name": "25399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25399" }, { "name": "ADV-2008-0905", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0905/references" }, { "name": "ADV-2007-1401", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1401" }, { "name": "201247", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1" }, { "name": "openssl-rsa-security-bypass(28755)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755" }, { "name": "22513", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22513" }, { "name": "41818", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/41818" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.attachmate.com/techdocs/2128.html" }, { "name": "oval:org.mitre.oval:def:11656", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" }, { "name": "21776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21776" }, { "name": "SSRT061275", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" }, { "name": "FreeBSD-SA-06:19", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc" }, { "name": "23455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23455" }, { "name": "20070110 VMware ESX server security updates", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded" }, { "name": "28115", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28115" }, { "name": "22226", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22226" }, { "name": "ADV-2006-3936", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3936" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22066" }, { "name": "22936", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22936" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" }, { "name": "HPSBTU02207", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "OpenPKG-SA-2006.018", "tags": [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred" ], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html" }, { "name": "MDKSA-2006:177", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177" }, { "name": "22545", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22545" }, { "name": "1017522", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1017522" }, { "name": "22948", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22948" }, { "name": "20061108 Multiple Vulnerabilities in OpenSSL Library", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html" }, { "name": "23841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23841" }, { "name": "ADV-2006-4205", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4205" }, { "name": "ADV-2007-2783", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2783" }, { "name": "22259", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22259" }, { "name": "22036", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22036" }, { "name": "200708", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1" }, { "name": "ADV-2006-4586", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4586" }, { "name": "21927", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21927" }, { "name": "SUSE-SA:2006:055", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html" }, { "name": "ADV-2006-5146", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/5146" }, { "name": "21870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21870" }, { "name": "ADV-2006-4216", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4216" }, { "name": "ADV-2006-3793", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3793" }, { "name": "28276", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/28276" }, { "name": "21709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21709" }, { "name": "VU#845620", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/845620" }, { "name": "SSA:2006-257-02", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306" }, { "name": "GLSA-200609-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200609-18.xml" }, { "name": "20061108 Multiple Vulnerabilities in OpenSSL library", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml" }, { "name": "102686", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1" }, { "name": "24950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24950" }, { "name": "19849", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19849" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-08-27T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/" }, { "name": "ADV-2006-4750", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4750" }, { "name": "SSRT061273", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01070495" }, { "name": "ADV-2006-3453", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3453" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html" }, { "name": "23915", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23915" }, { "name": "201534", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1" }, { "name": "HPSBMA02250", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" }, { "name": "JVN#51615542", "tags": [ "third-party-advisory", "x_refsource_JVN" ], "url": "http://jvn.jp/en/jp/JVN51615542/index.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://docs.info.apple.com/article.html?artnum=307177" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "28549", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/28549" }, { "name": "ADV-2006-4366", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4366" }, { "name": "22932", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22932" }, { "name": "ADV-2006-3748", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3748" }, { "name": "21791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21791" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "26893", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26893" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20060905.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" }, { "name": "22509", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22509" }, { "name": "MDKSA-2006:207", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:207" }, { "name": "RHSA-2006:0661", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0661.html" }, { "name": "SUSE-SA:2006:061", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html" }, { "name": "21930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21930" }, { "name": "22940", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22940" }, { "name": "SSRT071304", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "21852", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21852" }, { "name": "BEA07-169.00", "tags": [ "vendor-advisory", "x_refsource_BEA" ], "url": "http://dev2dev.bea.com/pub/advisory/238" }, { "name": "21823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21823" }, { "name": "102657", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1" }, { "name": "22758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22758" }, { "name": "22938", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22938" }, { "name": "ADV-2006-3899", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3899" }, { "name": "22044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22044" }, { "name": "ADV-2007-1945", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1945" }, { "name": "RHSA-2007:0062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html" }, { "name": "OpenPKG-SA-2006.029", "tags": [ "vendor-advisory", "x_refsource_OPENPKG" ], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html" }, { "name": "ADV-2006-4206", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4206" }, { "name": "ADV-2006-3730", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3730" }, { "name": "SSRT071299", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" }, { "name": "21812", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21812" }, { "name": "22523", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22523" }, { "name": "HPSBUX02165", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded" }, { "name": "22689", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22689" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=304829" }, { "name": "23794", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23794" }, { "name": "SSRT090208", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "102759", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1" }, { "name": "GLSA-200609-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200609-05.xml" }, { "name": "22711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22711" }, { "name": "20060905 rPSA-2006-0163-1 openssl openssl-scripts", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded" }, { "name": "23680", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23680" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://openvpn.net/changelog.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "[3.9] 20060908 011: SECURITY FIX: September 8, 2006", "tags": [ "vendor-advisory", "x_refsource_OPENBSD" ], "url": "http://www.openbsd.org/errata.html" }, { "name": "22733", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22733" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1633" }, { "name": "22949", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22949" }, { "name": "SSA:2006-310-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955" }, { "name": "USN-339-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-339-1" }, { "name": "ADV-2006-3566", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3566" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf" }, { "name": "SUSE-SR:2006:026", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" }, { "name": "102744", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1" }, { "name": "22446", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22446" }, { "name": "22939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22939" }, { "name": "24099", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24099" }, { "name": "20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded" }, { "name": "25284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25284" }, { "name": "22083", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/22083" }, { "name": "MDKSA-2006:178", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178" }, { "name": "1016791", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016791" }, { "name": "25649", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25649" }, { "name": "ADV-2010-0366", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0366" }, { "name": "22671", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22671" }, { "name": "[ietf-openpgp] 20060827 Bleichenbacher\u0027s RSA signature forgery based on implementation error", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html" }, { "name": "102722", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1" }, { "name": "21785", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21785" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "31492", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31492" }, { "name": "ADV-2006-4329", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4329" }, { "name": "DSA-1173", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.us.debian.org/security/2006/dsa-1173" }, { "name": "38567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38567" }, { "name": "22284", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22284" }, { "name": "24930", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24930" }, { "name": "ADV-2006-4327", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4327" }, { "name": "MDKSA-2006:161", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:161" }, { "name": "21778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21778" }, { "name": "RHSA-2008:0629", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html" }, { "name": "102696", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1" }, { "name": "APPLE-SA-2007-12-14", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html" }, { "name": "ADV-2007-2163", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2163" }, { "name": "26329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26329" }, { "name": "22260", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22260" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html" }, { "name": "ADV-2007-0343", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0343" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=3117" }, { "name": "102656", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1" }, { "name": "SUSE-SA:2007:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html" }, { "name": "SSRT061213", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "20060901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "21982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21982" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.attachmate.com/techdocs/2137.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-616" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.attachmate.com/techdocs/2127.html" }, { "name": "GLSA-200610-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml" }, { "name": "DSA-1174", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1174" }, { "name": "23155", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23155" }, { "name": "1000148", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2006-4339.html" }, { "name": "22799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22799" }, { "name": "ADV-2006-4207", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4207" }, { "name": "ADV-2006-4417", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4417" }, { "name": "HPSBUX02186", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.sybase.com/detail?id=1047991" }, { "name": "SSRT061239", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "21873", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21873" }, { "name": "HPSBOV02683", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "RHSA-2007:0072", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0072.html" }, { "name": "JVNDB-2012-000079", "tags": [ "third-party-advisory", "x_refsource_JVNDB" ], "url": "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.serv-u.com/releasenotes/" }, { "name": "ADV-2006-4744", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4744" }, { "name": "38568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/38568" }, { "name": "21846", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21846" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html" }, { "name": "HPSBUX02219", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01070495" }, { "name": "ADV-2007-0254", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0254" }, { "name": "SSRT061266", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded" }, { "name": "SSRT061181", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742" }, { "name": "ADV-2007-4224", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/4224" }, { "name": "22161", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22161" }, { "name": "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2" }, { "name": "22937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22937" }, { "name": "22325", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22325" }, { "name": "102648", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1" }, { "name": "ADV-2007-2315", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2315" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.opera.com/support/search/supsearch.dml?index=845" }, { "name": "APPLE-SA-2006-11-28", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html" }, { "name": "21767", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21767" }, { "name": "ADV-2007-1815", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1815" }, { "name": "22232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22232" }, { "name": "TA06-333A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html" }, { "name": "21906", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21906" }, { "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded" }, { "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" }, { "name": "HPSBUX02153", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742" }, { "name": "22934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22934" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "RHSA-2007:0073", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html" }, { "name": "22585", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22585" }, { "name": "25399", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25399" }, { "name": "ADV-2008-0905", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0905/references" }, { "name": "ADV-2007-1401", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1401" }, { "name": "201247", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1" }, { "name": "openssl-rsa-security-bypass(28755)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755" }, { "name": "22513", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22513" }, { "name": "41818", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/41818" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.attachmate.com/techdocs/2128.html" }, { "name": "oval:org.mitre.oval:def:11656", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" }, { "name": "21776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21776" }, { "name": "SSRT061275", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" }, { "name": "FreeBSD-SA-06:19", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc" }, { "name": "23455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23455" }, { "name": "20070110 VMware ESX server security updates", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded" }, { "name": "28115", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28115" }, { "name": "22226", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22226" }, { "name": "ADV-2006-3936", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3936" }, { "name": "22066", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22066" }, { "name": "22936", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22936" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" }, { "name": "HPSBTU02207", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" }, { "name": "OpenPKG-SA-2006.018", "tags": [ "vendor-advisory", "x_refsource_OPENPKG" ], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html" }, { "name": "MDKSA-2006:177", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177" }, { "name": "22545", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22545" }, { "name": "1017522", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1017522" }, { "name": "22948", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22948" }, { "name": "20061108 Multiple Vulnerabilities in OpenSSL Library", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html" }, { "name": "23841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23841" }, { "name": "ADV-2006-4205", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4205" }, { "name": "ADV-2007-2783", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2783" }, { "name": "22259", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22259" }, { "name": "22036", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22036" }, { "name": "200708", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1" }, { "name": "ADV-2006-4586", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4586" }, { "name": "21927", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21927" }, { "name": "SUSE-SA:2006:055", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html" }, { "name": "ADV-2006-5146", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/5146" }, { "name": "21870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21870" }, { "name": "ADV-2006-4216", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4216" }, { "name": "ADV-2006-3793", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3793" }, { "name": "28276", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/28276" }, { "name": "21709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21709" }, { "name": "VU#845620", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/845620" }, { "name": "SSA:2006-257-02", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306" }, { "name": "GLSA-200609-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200609-18.xml" }, { "name": "20061108 Multiple Vulnerabilities in OpenSSL library", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml" }, { "name": "102686", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1" }, { "name": "24950", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24950" }, { "name": "19849", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19849" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-4339", "datePublished": "2006-09-05T17:00:00", "dateReserved": "2006-08-24T00:00:00", "dateUpdated": "2024-08-07T19:06:07.378Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-5810
Vulnerability from cvelistv5
Published
2007-11-05 17:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
References
▼ | URL | Tags |
---|---|---|
http://osvdb.org/42026 | vdb-entry, x_refsource_OSVDB | |
http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html | x_refsource_CONFIRM | |
http://secunia.com/advisories/27421 | third-party-advisory, x_refsource_SECUNIA | |
http://www.vupen.com/english/advisories/2007/3666 | vdb-entry, x_refsource_VUPEN | |
http://www.securityfocus.com/bid/26271 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:47:00.407Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "42026", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/42026" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html" }, { "name": "27421", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27421" }, { "name": "ADV-2007-3666", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3666" }, { "name": "26271", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/26271" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-10-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-17T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "42026", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/42026" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html" }, { "name": "27421", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27421" }, { "name": "ADV-2007-3666", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3666" }, { "name": "26271", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/26271" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5810", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "42026", "refsource": "OSVDB", "url": "http://osvdb.org/42026" }, { "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html", "refsource": "CONFIRM", "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html" }, { "name": "27421", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27421" }, { "name": "ADV-2007-3666", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3666" }, { "name": "26271", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26271" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5810", "datePublished": "2007-11-05T17:00:00", "dateReserved": "2007-11-05T00:00:00", "dateUpdated": "2024-08-07T15:47:00.407Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.