Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures where under certain circumstances it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by OpenSSL.

checkpoint_advisories 1

securityvulns 3

f5 2

nessus 73

openvas 78

ubuntu 1

freebsd_advisory 1

slackware 2

debian 2

altlinux 3

jvn 1

cve 5

centos 2

debiancve 2

gentoo 2

osv 1

checkpoint_security 1

redhat 4

ubuntucve 3

cert 1

freebsd 3

suse 3

mozilla 1

cisco 1

oraclelinux 2

threatpost 1

checkpoint_advisories

Update Protection against OpenSSL RSA Key Signature Forgery Vulnerability

2006-11-13 00:00:00

securityvulns

OpenSSL Security Advisory [5th September 2006] RSA Signature Forgery (CVE-2006-4339)

2006-09-05 00:00:00

SIP over TLS: X.509 peer authentication vulnerability in Ingate products

2006-09-15 00:00:00

[OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind)

2006-11-05 00:00:00

SOL6623 - OpenSSL signature vulnerability - CVE-2006-4339

2007-05-16 00:00:00

K6623 : OpenSSL signature vulnerability - CVE-2006-4339

2013-03-26 00:00:00

nessus

HP-UX PHSS_35481 : HP-UX VirtualVault Remote Unauthorized Access (HPSBUX02165 SSRT061266 rev.1)

2006-11-22 00:00:00

GLSA-200609-05 : OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery

2006-09-12 00:00:00

Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : openssl (SSA:2006-257-02)

2006-09-15 00:00:00

openvas

SLES9: Security update for openssl

2009-10-10 00:00:00

Debian Security Advisory DSA 1174-1 (openssl096)

2008-01-17 00:00:00

FreeBSD Security Advisory (FreeBSD-SA-06:19.openssl.asc)

2008-09-04 00:00:00

ubuntu

OpenSSL vulnerability

2006-09-05 00:00:00

freebsd_advisory

FreeBSD-SA-06:19.openssl

2006-09-06 00:00:00

slackware

[slackware-security] bind

2006-11-07 06:26:27

[slackware-security] openssl

2006-09-14 22:05:20

debian

[SECURITY] [DSA 1173-1] New openssl packages fix RSA signature forgery cryptographic weakness

2006-09-10 12:25:00

[SECURITY] [DSA 1174-1] New openssl096 packages fix RSA signature forgery cryptographic weakness

2006-09-11 17:07:45

altlinux

Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt4

2006-09-06 00:00:00

Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt4

2006-09-06 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 0.9.7g-alt4

2006-09-06 00:00:00

jvn

JVN#51615542: Adobe Reader fails to properly handle signatures

2012-08-30 00:00:00

cve

CVE-2006-4339

2006-09-05 17:04:00

CVE-2006-5484

2006-10-24 22:07:00

CVE-2006-4790

2006-09-14 19:07:00

centos

openssl, openssl095a, openssl096 security update

2006-09-11 00:52:04

openssl, openssl096b security update

2006-09-08 09:58:00

debiancve

CVE-2006-4339

2006-09-05 17:04:00

CVE-2006-4340

2006-09-15 18:07:00

gentoo

OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery

2006-09-07 00:00:00

Mozilla Network Security Service (NSS): RSA signature forgery

2006-10-17 00:00:00

osv

openssl - cryptographic weakness

2006-09-10 00:00:00

checkpoint_security

OpenSSL CVE-2006-4339 8732 vulnerability Fix

2006-10-18 22:00:00

redhat

(RHSA-2006:0661) openssl security update

2006-09-06 00:00:00

(RHSA-2007:0062) Critical: java-1.4.2-ibm security update

2007-02-07 00:00:00

(RHSA-2007:0072) Critical: IBMJava2 security update

2007-02-08 00:00:00

ubuntucve

CVE-2006-4339

2006-09-05 00:00:00

CVE-2006-4790

2006-09-14 00:00:00

CVE-2006-4340

2006-09-15 00:00:00

cert

Multiple RSA implementations fail to properly handle signatures

2006-09-11 00:00:00

freebsd

openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)

2006-09-06 00:00:00

opera -- RSA Signature Forgery

2006-09-18 00:00:00

openoffice.org -- multiple vulnerabilities

2006-08-24 00:00:00

suse

remote code execution in opera

2006-10-19 13:18:21

RSA signature evasion in openssl,mozilla-nss

2006-09-22 15:25:59

remote code execution in IBMJava2

2007-01-18 16:13:31

mozilla

RSA Signature Forgery — Mozilla

2006-09-14 00:00:00

cisco

OpenSSL RSA Signature Forgery Vulnerability

2006-09-05 17:39:31

oraclelinux

Important openssl security update

2006-11-30 00:00:00

Important openssl security update

2006-11-30 00:00:00

threatpost

OpenOffice Zaps Six Security Bugs

2010-02-18 15:09:26

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.093 Low

EPSS

Percentile

94.6%

JSON

Related for OPENSSL:CVE-2006-4339