gnutls -- RSA Signature Forgery Vulnerability

ID 64BF6234-520D-11DB-8F1A-000A48049292
Type freebsd
Reporter FreeBSD
Modified 2006-09-08T00:00:00


Secunia reports:

A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the verification of certain signatures. If a RSA key with exponent 3 is used, it may be possible to forge PKCS #1 v1.5 signatures signed with that key.