Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:
CVE Vulnerabilities
38426
Checklists
128
US-CERT Alerts
179
US-CERT Vuln Notes
2345
OVAL Queries
2517
CPE Names
17819

Last updated: Tue Aug 25 12:45:12 EDT 2009

CVE Publication rate: 17.23

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index

Vulnerability Workload Index: 10.27

About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Cyber-Alert System

Vulnerability Summary for CVE-2006-4339

Original release date:09/05/2006
Last revised:08/18/2009
Source: US-CERT/NIST

Overview

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:5.1 (MEDIUM) (AV:N/AC:H/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 4.9
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: High
Authentication: Not required to exploit
Impact Type:Provides user account access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Vendor Statments (disclaimer)

Official Statement from Red Hat (03/14/2007)
Vulnerable. This issue affects OpenSSL and OpenSSL compatibility packages in Red Hat Enterprise Linux 2.1, 3, and 4. Updates, along with our advisory are available at the URL below. http://rhn.redhat.com/errata/RHSA-2006-0661.html Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#845620
Name: VU#845620
Hyperlink:http://www.kb.cert.org/vuls/id/845620
US-CERT Technical Alert: TA06-333A
Name: TA06-333A
Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-333A.html
External Source: DEBIAN
Name: DSA-1173
Type: Patch Information
Hyperlink:http://www.us.debian.org/security/2006/dsa-1173
External Source: UBUNTU
Name: USN-339-1
Type: Patch Information
Hyperlink:http://www.ubuntu.com/usn/usn-339-1
External Source: BID
Name: 19849
Type: Patch Information
Hyperlink:http://www.securityfocus.com/bid/19849
External Source: CONFIRM
Name: http://www.openssl.org/news/secadv_20060905.txt
Type: Advisory; Patch Information
Hyperlink:http://www.openssl.org/news/secadv_20060905.txt
External Source: VUPEN
Name: ADV-2006-3453
Type: Advisory; Patch Information
Hyperlink:http://www.frsirt.com/english/advisories/2006/3453
External Source: DEBIAN
Name: DSA-1174
Type: Patch Information
Hyperlink:http://www.debian.org/security/2006/dsa-1174
External Source: SECUNIA
Name: 21709
Type: Advisory; Patch Information
Hyperlink:http://secunia.com/advisories/21709
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: CONFIRM
Name: https://issues.rpath.com/browse/RPL-616
Hyperlink:https://issues.rpath.com/browse/RPL-616
External Source: XF
Name: openssl-rsa-security-bypass(28755)
Hyperlink:http://xforce.iss.net/xforce/xfdb/28755
External Source: HP
Name: HPSBUX02165
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/450327/100/0/threaded
External Source: HP
Name: HPSBUX02165
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/450327/100/0/threaded
External Source: HP
Name: HPSBUX02165
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/450327/100/0/threaded
External Source: HP
Name: HPSBUX02165
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/450327/100/0/threaded
External Source: BUGTRAQ
Name: 20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/445822/100/0/threaded
External Source: BUGTRAQ
Name: 20060905 rPSA-2006-0163-1 openssl openssl-scripts
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/445231/100/0/threaded
External Source: REDHAT
Name: RHSA-2008:0629
Hyperlink:http://www.redhat.com/support/errata/RHSA-2008-0629.html
External Source: REDHAT
Name: RHSA-2006:0661
Hyperlink:http://www.redhat.com/support/errata/RHSA-2006-0661.html
External Source: OSVDB
Name: 28549
Hyperlink:http://www.osvdb.org/28549
External Source: CONFIRM
Name: http://www.opera.com/support/search/supsearch.dml?index=845
Hyperlink:http://www.opera.com/support/search/supsearch.dml?index=845
External Source: OPENBSD
Name: [3.9] 20060908 011: SECURITY FIX: September 8, 2006
Hyperlink:http://www.openbsd.org/errata.html
External Source: SUSE
Name: SUSE-SA:2006:055
Hyperlink:http://www.novell.com/linux/security/advisories/2006_55_ssl.html
External Source: MISC
Name: http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
Hyperlink:http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
External Source: MANDRIVA
Name: MDKSA-2006:161
Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:161
External Source: MLIST
Name: [ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error
Hyperlink:http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html
External Source: VUPEN
Name: ADV-2006-3793
Type: Advisory
Hyperlink:http://www.frsirt.com/english/advisories/2006/3793
External Source: VUPEN
Name: ADV-2006-3730
Type: Advisory
Hyperlink:http://www.frsirt.com/english/advisories/2006/3730
External Source: VUPEN
Name: ADV-2006-3566
Type: Advisory
Hyperlink:http://www.frsirt.com/english/advisories/2006/3566
External Source: CONFIRM
Name: http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
Hyperlink:http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
External Source: SLACKWARE
Name: SSA:2006-257-02
Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306
External Source: SECTRACK
Name: 1016791
Hyperlink:http://securitytracker.com/id?1016791
External Source: GENTOO
Name: GLSA-200609-18
Hyperlink:http://security.gentoo.org/glsa/glsa-200609-18.xml
External Source: GENTOO
Name: GLSA-200609-05
Hyperlink:http://security.gentoo.org/glsa/glsa-200609-05.xml
External Source: FREEBSD
Name: FreeBSD-SA-06:19
Hyperlink:http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc
External Source: SECUNIA
Name: 31492
Hyperlink:http://secunia.com/advisories/31492
External Source: SECUNIA
Name: 22259
Type: Advisory
Hyperlink:http://secunia.com/advisories/22259
External Source: SECUNIA
Name: 22161
Type: Advisory
Hyperlink:http://secunia.com/advisories/22161
External Source: SECUNIA
Name: 22036
Type: Advisory
Hyperlink:http://secunia.com/advisories/22036
External Source: SECUNIA
Name: 21982
Type: Advisory
Hyperlink:http://secunia.com/advisories/21982
External Source: SECUNIA
Name: 21930
Type: Advisory
Hyperlink:http://secunia.com/advisories/21930
External Source: SECUNIA
Name: 21927
Type: Advisory
Hyperlink:http://secunia.com/advisories/21927
External Source: SECUNIA
Name: 21906
Type: Advisory
Hyperlink:http://secunia.com/advisories/21906
External Source: SECUNIA
Name: 21873
Type: Advisory
Hyperlink:http://secunia.com/advisories/21873
External Source: SECUNIA
Name: 21870
Type: Advisory
Hyperlink:http://secunia.com/advisories/21870
External Source: SECUNIA
Name: 21852
Type: Advisory
Hyperlink:http://secunia.com/advisories/21852
External Source: SECUNIA
Name: 21846
Type: Advisory
Hyperlink:http://secunia.com/advisories/21846
External Source: SECUNIA
Name: 21823
Type: Advisory
Hyperlink:http://secunia.com/advisories/21823
External Source: SECUNIA
Name: 21812
Type: Advisory
Hyperlink:http://secunia.com/advisories/21812
External Source: SECUNIA
Name: 21791
Type: Advisory
Hyperlink:http://secunia.com/advisories/21791
External Source: SECUNIA
Name: 21785
Type: Advisory
Hyperlink:http://secunia.com/advisories/21785
External Source: SECUNIA
Name: 21778
Type: Advisory
Hyperlink:http://secunia.com/advisories/21778
External Source: SECUNIA
Name: 21776
Type: Advisory
Hyperlink:http://secunia.com/advisories/21776
External Source: SECUNIA
Name: 21767
Type: Advisory
Hyperlink:http://secunia.com/advisories/21767
External Source: HP
Name: HPSBMA02250
Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
External Source: HP
Name: HPSBUX02219
Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
External Source: MANDRIVA
Name: MDKSA-2006:178
Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:178
External Source: MANDRIVA
Name: MDKSA-2006:177
Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:177
External Source: SGI
Name: 20060901-01-P
Hyperlink:ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
External Source: HP
Name: SSRT061239
Hyperlink:https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
External Source: CONFIRM
Name: https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
Hyperlink:https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
External Source: CONFIRM
Name: https://issues.rpath.com/browse/RPL-1633
Hyperlink:https://issues.rpath.com/browse/RPL-1633
External Source: CONFIRM
Name: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
Hyperlink:http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
External Source: HP
Name: HPSBUX02153
Hyperlink:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
External Source: CONFIRM
Name: http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Hyperlink:http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
External Source: CONFIRM
Name: http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Hyperlink:http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
External Source: CONFIRM
Name: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
Hyperlink:http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
Hyperlink:http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/server/doc/releasenotes_server.html
Hyperlink:http://www.vmware.com/support/server/doc/releasenotes_server.html
External Source: CONFIRM
Name: http://www.vmware.com/support/player2/doc/releasenotes_player2.html
Hyperlink:http://www.vmware.com/support/player2/doc/releasenotes_player2.html
External Source: CONFIRM
Name: http://www.vmware.com/support/player/doc/releasenotes_player.html
Hyperlink:http://www.vmware.com/support/player/doc/releasenotes_player.html
External Source: CONFIRM
Name: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
Hyperlink:http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
Hyperlink:http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
Hyperlink:http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
Hyperlink:http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
External Source: CONFIRM
Name: http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
Hyperlink:http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
External Source: CONFIRM
Name: http://www.vmware.com/security/advisories/VMSA-2008-0005.html
Hyperlink:http://www.vmware.com/security/advisories/VMSA-2008-0005.html
External Source: CONFIRM
Name: http://www.sybase.com/detail?id=1047991
Hyperlink:http://www.sybase.com/detail?id=1047991
External Source: CONFIRM
Name: http://www.serv-u.com/releasenotes/
Hyperlink:http://www.serv-u.com/releasenotes/
External Source: BID
Name: 28276
Hyperlink:http://www.securityfocus.com/bid/28276
External Source: BID
Name: 22083
Hyperlink:http://www.securityfocus.com/bid/22083
External Source: BUGTRAQ
Name: 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded
External Source: BUGTRAQ
Name: 20070110 VMware ESX server security updates
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded
External Source: HP
Name: HPSBUX02165
Hyperlink:http://www.securityfocus.com/archive/1/archive/1/450327/100/0/threaded
External Source: REDHAT
Name: RHSA-2007:0073
Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0073.html
External Source: REDHAT
Name: RHSA-2007:0072
Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0072.html
External Source: REDHAT
Name: RHSA-2007:0062
Hyperlink:http://www.redhat.com/support/errata/RHSA-2007-0062.html
External Source: CONFIRM
Name: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
Hyperlink:http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
External Source: OPENPKG
Name: OpenPKG-SA-2006.029
Hyperlink:http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html
External Source: OPENPKG
Name: OpenPKG-SA-2006.018
Hyperlink:http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html
External Source: SUSE
Name: SUSE-SA:2007:010
Hyperlink:http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html
External Source: SUSE
Name: SUSE-SA:2006:061
Hyperlink:http://www.novell.com/linux/security/advisories/2006_61_opera.html
External Source: SUSE
Name: SUSE-SR:2006:026
Hyperlink:http://www.novell.com/linux/security/advisories/2006_26_sr.html
External Source: MANDRIVA
Name: MDKSA-2006:207
Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:207
External Source: MANDRIVA
Name: MDKSA-2006:178
Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
External Source: MANDRIVA
Name: MDKSA-2006:177
Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
External Source: GENTOO
Name: GLSA-200610-06
Hyperlink:http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml
External Source: VUPEN
Name: ADV-2008-0905
Hyperlink:http://www.frsirt.com/english/advisories/2008/0905/references
External Source: VUPEN
Name: ADV-2007-4224
Hyperlink:http://www.frsirt.com/english/advisories/2007/4224
External Source: VUPEN
Name: ADV-2007-2783
Hyperlink:http://www.frsirt.com/english/advisories/2007/2783
External Source: VUPEN
Name: ADV-2007-2315
Hyperlink:http://www.frsirt.com/english/advisories/2007/2315
External Source: VUPEN
Name: ADV-2007-2163
Hyperlink:http://www.frsirt.com/english/advisories/2007/2163
External Source: VUPEN
Name: ADV-2007-1945
Hyperlink:http://www.frsirt.com/english/advisories/2007/1945
External Source: VUPEN
Name: ADV-2007-1815
Hyperlink:http://www.frsirt.com/english/advisories/2007/1815
External Source: VUPEN
Name: ADV-2007-1401
Hyperlink:http://www.frsirt.com/english/advisories/2007/1401
External Source: VUPEN
Name: ADV-2007-0343
Hyperlink:http://www.frsirt.com/english/advisories/2007/0343
External Source: VUPEN
Name: ADV-2007-0254
Hyperlink:http://www.frsirt.com/english/advisories/2007/0254
External Source: VUPEN
Name: ADV-2006-5146
Hyperlink:http://www.frsirt.com/english/advisories/2006/5146
External Source: VUPEN
Name: ADV-2006-4750
Hyperlink:http://www.frsirt.com/english/advisories/2006/4750
External Source: VUPEN
Name: ADV-2006-4744
Hyperlink:http://www.frsirt.com/english/advisories/2006/4744
External Source: VUPEN
Name: ADV-2006-4586
Hyperlink:http://www.frsirt.com/english/advisories/2006/4586
External Source: VUPEN
Name: ADV-2006-4417
Hyperlink:http://www.frsirt.com/english/advisories/2006/4417
External Source: VUPEN
Name: ADV-2006-4366
Hyperlink:http://www.frsirt.com/english/advisories/2006/4366
External Source: VUPEN
Name: ADV-2006-4329
Hyperlink:http://www.frsirt.com/english/advisories/2006/4329
External Source: VUPEN
Name: ADV-2006-4327
Hyperlink:http://www.frsirt.com/english/advisories/2006/4327
External Source: VUPEN
Name: ADV-2006-4216
Hyperlink:http://www.frsirt.com/english/advisories/2006/4216
External Source: VUPEN
Name: ADV-2006-4207
Hyperlink:http://www.frsirt.com/english/advisories/2006/4207
External Source: VUPEN
Name: ADV-2006-4206
Hyperlink:http://www.frsirt.com/english/advisories/2006/4206
External Source: VUPEN
Name: ADV-2006-4205
Hyperlink:http://www.frsirt.com/english/advisories/2006/4205
External Source: VUPEN
Name: ADV-2006-3936
Hyperlink:http://www.frsirt.com/english/advisories/2006/3936
External Source: VUPEN
Name: ADV-2006-3899
Hyperlink:http://www.frsirt.com/english/advisories/2006/3899
External Source: VUPEN
Name: ADV-2006-3748
Hyperlink:http://www.frsirt.com/english/advisories/2006/3748
External Source: CISCO
Name: 20061108 Multiple Vulnerabilities in OpenSSL library
Hyperlink:http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
External Source: CISCO
Name: 20061108 Multiple Vulnerabilities in OpenSSL Library
Hyperlink:http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
External Source: CONFIRM
Name: http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
Hyperlink:http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
External Source: CONFIRM
Name: http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
Hyperlink:http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
External Source: CONFIRM
Name: http://support.attachmate.com/techdocs/2137.html
Hyperlink:http://support.attachmate.com/techdocs/2137.html
External Source: CONFIRM
Name: http://support.attachmate.com/techdocs/2128.html
Hyperlink:http://support.attachmate.com/techdocs/2128.html
External Source: CONFIRM
Name: http://support.attachmate.com/techdocs/2127.html
Hyperlink:http://support.attachmate.com/techdocs/2127.html
External Source: SUNALERT
Name: 201534
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
External Source: SUNALERT
Name: 201247
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1
External Source: SUNALERT
Name: 200708
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1
External Source: SUNALERT
Name: 102759
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1
External Source: SUNALERT
Name: 102744
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1
External Source: SUNALERT
Name: 102722
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1
External Source: SUNALERT
Name: 102696
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1
External Source: SUNALERT
Name: 102686
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1
External Source: SUNALERT
Name: 102657
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1
External Source: SUNALERT
Name: 102656
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1
External Source: SUNALERT
Name: 102648
Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
External Source: SLACKWARE
Name: SSA:2006-310-01
Hyperlink:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955
External Source: SECTRACK
Name: 1017522
Hyperlink:http://securitytracker.com/id?1017522
External Source: SECUNIA
Name: 28115
Hyperlink:http://secunia.com/advisories/28115
External Source: SECUNIA
Name: 26893
Hyperlink:http://secunia.com/advisories/26893
External Source: SECUNIA
Name: 26329
Hyperlink:http://secunia.com/advisories/26329
External Source: SECUNIA
Name: 25649
Hyperlink:http://secunia.com/advisories/25649
External Source: SECUNIA
Name: 25399
Hyperlink:http://secunia.com/advisories/25399
External Source: SECUNIA
Name: 25284
Hyperlink:http://secunia.com/advisories/25284
External Source: SECUNIA
Name: 24950
Hyperlink:http://secunia.com/advisories/24950
External Source: SECUNIA
Name: 24930
Hyperlink:http://secunia.com/advisories/24930
External Source: SECUNIA
Name: 24099
Hyperlink:http://secunia.com/advisories/24099
External Source: SECUNIA
Name: 23915
Hyperlink:http://secunia.com/advisories/23915
External Source: SECUNIA
Name: 23841
Hyperlink:http://secunia.com/advisories/23841
External Source: SECUNIA
Name: 23794
Hyperlink:http://secunia.com/advisories/23794
External Source: SECUNIA
Name: 23680
Hyperlink:http://secunia.com/advisories/23680
External Source: SECUNIA
Name: 23455
Hyperlink:http://secunia.com/advisories/23455
External Source: SECUNIA
Name: 23155
Hyperlink:http://secunia.com/advisories/23155
External Source: SECUNIA
Name: 22949
Hyperlink:http://secunia.com/advisories/22949
External Source: SECUNIA
Name: 22948
Hyperlink:http://secunia.com/advisories/22948
External Source: SECUNIA
Name: 22940
Hyperlink:http://secunia.com/advisories/22940
External Source: SECUNIA
Name: 22939
Hyperlink:http://secunia.com/advisories/22939
External Source: SECUNIA
Name: 22938
Hyperlink:http://secunia.com/advisories/22938
External Source: SECUNIA
Name: 22937
Hyperlink:http://secunia.com/advisories/22937
External Source: SECUNIA
Name: 22936
Hyperlink:http://secunia.com/advisories/22936
External Source: SECUNIA
Name: 22934
Hyperlink:http://secunia.com/advisories/22934
External Source: SECUNIA
Name: 22932
Hyperlink:http://secunia.com/advisories/22932
External Source: SECUNIA
Name: 22799
Hyperlink:http://secunia.com/advisories/22799
External Source: SECUNIA
Name: 22758
Hyperlink:http://secunia.com/advisories/22758
External Source: SECUNIA
Name: 22733
Hyperlink:http://secunia.com/advisories/22733
External Source: SECUNIA
Name: 22711
Hyperlink:http://secunia.com/advisories/22711
External Source: SECUNIA
Name: 22689
Hyperlink:http://secunia.com/advisories/22689
External Source: SECUNIA
Name: 22671
Hyperlink:http://secunia.com/advisories/22671
External Source: SECUNIA
Name: 22585
Hyperlink:http://secunia.com/advisories/22585
External Source: SECUNIA
Name: 22545
Hyperlink:http://secunia.com/advisories/22545
External Source: SECUNIA
Name: 22523
Hyperlink:http://secunia.com/advisories/22523
External Source: SECUNIA
Name: 22513
Hyperlink:http://secunia.com/advisories/22513
External Source: SECUNIA
Name: 22509
Hyperlink:http://secunia.com/advisories/22509
External Source: SECUNIA
Name: 22446
Hyperlink:http://secunia.com/advisories/22446
External Source: SECUNIA
Name: 22325
Hyperlink:http://secunia.com/advisories/22325
External Source: SECUNIA
Name: 22284
Hyperlink:http://secunia.com/advisories/22284
External Source: SECUNIA
Name: 22260
Hyperlink:http://secunia.com/advisories/22260
External Source: SECUNIA
Name: 22232
Hyperlink:http://secunia.com/advisories/22232
External Source: SECUNIA
Name: 22226
Hyperlink:http://secunia.com/advisories/22226
External Source: SECUNIA
Name: 22066
Hyperlink:http://secunia.com/advisories/22066
External Source: SECUNIA
Name: 22044
Hyperlink:http://secunia.com/advisories/22044
External Source: CONFIRM
Name: http://openvpn.net/changelog.html
Hyperlink:http://openvpn.net/changelog.html
External Source: MLIST
Name: [bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]
Hyperlink:http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445&w=2
External Source: MLIST
Name: [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
Hyperlink:http://lists.vmware.com/pipermail/security-announce/2008/000008.html
External Source: APPLE
Name: APPLE-SA-2007-12-14
Hyperlink:http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
External Source: APPLE
Name: APPLE-SA-2006-11-28
Hyperlink:http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
External Source: HP
Name: SSRT071299
Hyperlink:http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
External Source: HP
Name: HPSBMA02250
Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
External Source: HP
Name: HPSBUX02219
Hyperlink:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
External Source: MANDRIVA
Name: MDKSA-2006:207
Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:207
External Source: MISC
Name: http://docs.info.apple.com/article.html?artnum=307177
Hyperlink:http://docs.info.apple.com/article.html?artnum=307177
External Source: CONFIRM
Name: http://docs.info.apple.com/article.html?artnum=304829
Hyperlink:http://docs.info.apple.com/article.html?artnum=304829
External Source: BEA
Name: BEA07-169.00
Hyperlink:http://dev2dev.bea.com/pub/advisory/238

Vulnerable software and versions

Nav control imageConfiguration 1
spacerNav control imageOR
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7a
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7b
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7c
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7d
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7e
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7f
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7g
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7h
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7i
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7j
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.8
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.8a
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.8b
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.7 and previous versions
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6g
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6f
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6i
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6h
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6c
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6e
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6d
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6k
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6j
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6l
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5a:beta2
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6b
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6a
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6a:beta1
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6a:beta2
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6a:beta3
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6:beta1
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6:beta2
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6:beta3
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5:beta2
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5a
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5a:beta1
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.3a
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.4
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.5:beta1
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.3
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.2b
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.1c
spacerspacerNav control image* cpe:/a:openssl:openssl:0.9.6m
* Denotes Vulnerable Software
* Changes related to vulnerability configurations

Technical Details

Vulnerability Type (View All)
CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339