Code injection

In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509...

CVE-2018-16149

In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures and put them on X.50...

Code injection

In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures and put them on X.50...

Code injection

In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509...

CVE-2018-16150

In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509...

CVE-2018-16150

Removed by vendor...

CVE-2018-16150

In axTLS 2.1.3 and earlier, the PKCS#1 v1.5 signature verification in sig_verify() fails to reject excess data after the hash, enabling signature forgery when small public exponents are used. This can lead to impersonation via forged X.509 certificates. This CVE-2018-16150 is a variant of CVE-200...