20 matches found
CVE-2018-16253
CVE-2018-16253 describes a flaw in axTLS 2.1.3 and earlier where PKCS#1 v1.5 signature verification in sig_verify() of x509.c does not properly verify ASN.1 metadata, enabling a remote attacker to forge signatures under small public exponents and impersonate via fake X.509 certificates. The issue...
CVE-2018-16152
In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...
Design/Logic Flaw
In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...
CVE-2018-16152
In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...
CVE-2018-16152
In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...
Solaris 10 (sparc) : 123938-04
GNOME 2.6.0: GNU Transport Layer Security Library Patch. Date this patch was last updated by Sun : Nov/15/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 10 (sparc) : 123938-05
GNOME 2.6.0: GNU Transport Layer Security Library Patch. Date this patch was last updated by Sun : Oct/17/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 10 (x86) : 123939-05
GNOME 2.6.0x86: GNU Transport Layer Security Library Patch. Date this patch was last updated by Sun : Oct/17/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 10 (x86) : 123939-03
GNOME 2.6.0x86: GNU Transport Layer Security Library Patch. Date this patch was last updated by Sun : Sep/13/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
SLES9: Security update for IBM Java2 JRE and SDK
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: IBMJava2-SDK IBMJava2-JRE For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...
SLES9: Security update for IBM Java2 JRE and SDK
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: IBMJava2-SDK IBMJava2-JRE For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...
SuSE9 Security Update : gnutls (YOU Patch Number 11228)
A security problem in the GNU TLS library has been found : If an RSA key with exponent 3 is used, the PKCS padding gets removed before generating a hash, which allows remote attackers to forge a PKCS signature that apapears to be signed by that RSA key and prevents gnutls from correctly verifying...
Gentoo Security Advisory GLSA 200609-15 (gnutls)
The remote host is missing updates announced in advisory GLSA 200609-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200609-15 (gnutls)
The remote host is missing updates announced in advisory GLSA 200609-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 2461)
This update brings IBM Java 1.4.2 to Service Release 7. It contains several undisclosed security fixes, including the fix for the RSA attack similar to Mitre CVE ID CVE-2006-4790. It also contains timezone updates : - US daylightsaving time update starting 2007. - Western Australia daylight savin...
SuSE 10 Security Update : gnutls (ZYPP Patch Number 2117)
A security problem was fixed in the GNU TLS library, where excess data was not checked during signature checking with RSA keys with exponent 3. This problem could be used to fake those RSA signatures. CVE-2006-4790 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this...
Solaris 10 (x86) : 123939-05 (deprecated)
GNOME 2.6.0x86: GNU Transport Layer Security Library Patch. Date this patch was last updated by Sun : Oct/17/16 This plugin has been deprecated and either replaced with individual 123939 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Debian DSA-1182-1 : gnutls11 - cryptographic weakness
Daniel Bleichenbacher discovered a flaw in GNU TLS cryptographic package that could allow an attacker to generate a forged signature that GNU TLS will accept as valid. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 1182-1] New gnutls11 packages fix RSA signature forgery cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 1182-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 22nd, 2006 http://www.debian.org/security/faq -...
CVE-2006-4790
CVE-2018-16253 (and related CVEs) describe a variant of CVE-2006-4790 where PKCS#1 v1.5 signature verification fails to reject excess data in digestAlgorithm.parameters, enabling remote forgery of signatures when small public exponents are used. Affected: axTLS (sig_verify in x509.c) up to versio...