CVE-2006-4339

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

penSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

References

Link	Resource
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
http://dev2dev.bea.com/pub/advisory/238
http://docs.info.apple.com/article.html?artnum=304829
http://docs.info.apple.com/article.html?artnum=307177
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
http://jvn.jp/en/jp/JVN51615542/index.html
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://marc.info/?l=bind-announce&m=116253119512445&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://openvpn.net/changelog.html
http://secunia.com/advisories/21709	Patch Vendor Advisory
http://secunia.com/advisories/21767	Vendor Advisory
http://secunia.com/advisories/21776	Vendor Advisory
http://secunia.com/advisories/21778	Vendor Advisory
http://secunia.com/advisories/21785	Vendor Advisory
http://secunia.com/advisories/21791	Vendor Advisory
http://secunia.com/advisories/21812	Vendor Advisory
http://secunia.com/advisories/21823	Vendor Advisory
http://secunia.com/advisories/21846	Vendor Advisory
http://secunia.com/advisories/21852	Vendor Advisory
http://secunia.com/advisories/21870	Vendor Advisory
http://secunia.com/advisories/21873	Vendor Advisory
http://secunia.com/advisories/21906	Vendor Advisory
http://secunia.com/advisories/21927	Vendor Advisory
http://secunia.com/advisories/21930	Vendor Advisory
http://secunia.com/advisories/21982	Vendor Advisory
http://secunia.com/advisories/22036	Vendor Advisory
http://secunia.com/advisories/22044
http://secunia.com/advisories/22066
http://secunia.com/advisories/22161	Vendor Advisory
http://secunia.com/advisories/22226	Vendor Advisory
http://secunia.com/advisories/22232	Vendor Advisory
http://secunia.com/advisories/22259	Vendor Advisory
http://secunia.com/advisories/22260	Vendor Advisory
http://secunia.com/advisories/22284
http://secunia.com/advisories/22325
http://secunia.com/advisories/22446
http://secunia.com/advisories/22509
http://secunia.com/advisories/22513
http://secunia.com/advisories/22523
http://secunia.com/advisories/22545
http://secunia.com/advisories/22585
http://secunia.com/advisories/22671
http://secunia.com/advisories/22689
http://secunia.com/advisories/22711
http://secunia.com/advisories/22733
http://secunia.com/advisories/22758
http://secunia.com/advisories/22799
http://secunia.com/advisories/22932
http://secunia.com/advisories/22934
http://secunia.com/advisories/22936
http://secunia.com/advisories/22937
http://secunia.com/advisories/22938
http://secunia.com/advisories/22939
http://secunia.com/advisories/22940
http://secunia.com/advisories/22948
http://secunia.com/advisories/22949
http://secunia.com/advisories/23155
http://secunia.com/advisories/23455
http://secunia.com/advisories/23680
http://secunia.com/advisories/23794
http://secunia.com/advisories/23841
http://secunia.com/advisories/23915
http://secunia.com/advisories/24099
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://secunia.com/advisories/25284
http://secunia.com/advisories/25399
http://secunia.com/advisories/25649
http://secunia.com/advisories/26329
http://secunia.com/advisories/26893
http://secunia.com/advisories/28115
http://secunia.com/advisories/31492
http://secunia.com/advisories/38567
http://secunia.com/advisories/38568
http://secunia.com/advisories/41818
http://secunia.com/advisories/60799
http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc
http://security.gentoo.org/glsa/glsa-200609-05.xml
http://security.gentoo.org/glsa/glsa-200609-18.xml
http://securitytracker.com/id?1016791
http://securitytracker.com/id?1017522
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1
http://support.attachmate.com/techdocs/2127.html
http://support.attachmate.com/techdocs/2128.html
http://support.attachmate.com/techdocs/2137.html
http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.debian.org/security/2006/dsa-1174	Patch
http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html
http://www.kb.cert.org/vuls/id/845620	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:161
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://www.mandriva.com/security/advisories?name=MDKSA-2006:207
http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
http://www.novell.com/linux/security/advisories/2006_26_sr.html
http://www.novell.com/linux/security/advisories/2006_55_ssl.html
http://www.novell.com/linux/security/advisories/2006_61_opera.html
http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html
http://www.openbsd.org/errata.html
http://www.openoffice.org/security/cves/CVE-2006-4339.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html
http://www.openssl.org/news/secadv_20060905.txt	Patch Vendor Advisory
http://www.opera.com/support/search/supsearch.dml?index=845
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.osvdb.org/28549
http://www.redhat.com/support/errata/RHSA-2006-0661.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0062.html
http://www.redhat.com/support/errata/RHSA-2007-0072.html
http://www.redhat.com/support/errata/RHSA-2007-0073.html
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://www.securityfocus.com/archive/1/445231/100/0/threaded
http://www.securityfocus.com/archive/1/445822/100/0/threaded
http://www.securityfocus.com/archive/1/450327/100/0/threaded
http://www.securityfocus.com/archive/1/450327/100/0/threaded
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/19849	Patch
http://www.securityfocus.com/bid/22083
http://www.securityfocus.com/bid/28276
http://www.serv-u.com/releasenotes/
http://www.sybase.com/detail?id=1047991
http://www.ubuntu.com/usn/usn-339-1	Patch
http://www.us-cert.gov/cas/techalerts/TA06-333A.html	US Government Resource
http://www.us.debian.org/security/2006/dsa-1173	Patch
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://www.vupen.com/english/advisories/2006/3453
http://www.vupen.com/english/advisories/2006/3566
http://www.vupen.com/english/advisories/2006/3730
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2006/3793
http://www.vupen.com/english/advisories/2006/3899
http://www.vupen.com/english/advisories/2006/3936
http://www.vupen.com/english/advisories/2006/4205
http://www.vupen.com/english/advisories/2006/4206
http://www.vupen.com/english/advisories/2006/4207
http://www.vupen.com/english/advisories/2006/4216
http://www.vupen.com/english/advisories/2006/4327
http://www.vupen.com/english/advisories/2006/4329
http://www.vupen.com/english/advisories/2006/4366
http://www.vupen.com/english/advisories/2006/4417
http://www.vupen.com/english/advisories/2006/4586
http://www.vupen.com/english/advisories/2006/4744
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2006/5146
http://www.vupen.com/english/advisories/2007/0254
http://www.vupen.com/english/advisories/2007/0343
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/1815
http://www.vupen.com/english/advisories/2007/1945
http://www.vupen.com/english/advisories/2007/2163
http://www.vupen.com/english/advisories/2007/2315
http://www.vupen.com/english/advisories/2007/2783
http://www.vupen.com/english/advisories/2007/4224
http://www.vupen.com/english/advisories/2008/0905/references
http://www.vupen.com/english/advisories/2010/0366
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://exchange.xforce.ibmcloud.com/vulnerabilities/28755
https://issues.rpath.com/browse/RPL-1633
https://issues.rpath.com/browse/RPL-616
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656
https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
http://dev2dev.bea.com/pub/advisory/238
http://docs.info.apple.com/article.html?artnum=304829
http://docs.info.apple.com/article.html?artnum=307177
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
http://jvn.jp/en/jp/JVN51615542/index.html
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
http://marc.info/?l=bind-announce&m=116253119512445&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://marc.info/?l=bugtraq&m=130497311408250&w=2
http://openvpn.net/changelog.html
http://secunia.com/advisories/21709	Patch Vendor Advisory
http://secunia.com/advisories/21767	Vendor Advisory
http://secunia.com/advisories/21776	Vendor Advisory
http://secunia.com/advisories/21778	Vendor Advisory
http://secunia.com/advisories/21785	Vendor Advisory
http://secunia.com/advisories/21791	Vendor Advisory
http://secunia.com/advisories/21812	Vendor Advisory
http://secunia.com/advisories/21823	Vendor Advisory
http://secunia.com/advisories/21846	Vendor Advisory
http://secunia.com/advisories/21852	Vendor Advisory
http://secunia.com/advisories/21870	Vendor Advisory
http://secunia.com/advisories/21873	Vendor Advisory
http://secunia.com/advisories/21906	Vendor Advisory
http://secunia.com/advisories/21927	Vendor Advisory
http://secunia.com/advisories/21930	Vendor Advisory
http://secunia.com/advisories/21982	Vendor Advisory
http://secunia.com/advisories/22036	Vendor Advisory
http://secunia.com/advisories/22044
http://secunia.com/advisories/22066
http://secunia.com/advisories/22161	Vendor Advisory
http://secunia.com/advisories/22226	Vendor Advisory
http://secunia.com/advisories/22232	Vendor Advisory
http://secunia.com/advisories/22259	Vendor Advisory
http://secunia.com/advisories/22260	Vendor Advisory
http://secunia.com/advisories/22284
http://secunia.com/advisories/22325
http://secunia.com/advisories/22446
http://secunia.com/advisories/22509
http://secunia.com/advisories/22513
http://secunia.com/advisories/22523
http://secunia.com/advisories/22545
http://secunia.com/advisories/22585
http://secunia.com/advisories/22671
http://secunia.com/advisories/22689
http://secunia.com/advisories/22711
http://secunia.com/advisories/22733
http://secunia.com/advisories/22758
http://secunia.com/advisories/22799
http://secunia.com/advisories/22932
http://secunia.com/advisories/22934
http://secunia.com/advisories/22936
http://secunia.com/advisories/22937
http://secunia.com/advisories/22938
http://secunia.com/advisories/22939
http://secunia.com/advisories/22940
http://secunia.com/advisories/22948
http://secunia.com/advisories/22949
http://secunia.com/advisories/23155
http://secunia.com/advisories/23455
http://secunia.com/advisories/23680
http://secunia.com/advisories/23794
http://secunia.com/advisories/23841
http://secunia.com/advisories/23915
http://secunia.com/advisories/24099
http://secunia.com/advisories/24930
http://secunia.com/advisories/24950
http://secunia.com/advisories/25284
http://secunia.com/advisories/25399
http://secunia.com/advisories/25649
http://secunia.com/advisories/26329
http://secunia.com/advisories/26893
http://secunia.com/advisories/28115
http://secunia.com/advisories/31492
http://secunia.com/advisories/38567
http://secunia.com/advisories/38568
http://secunia.com/advisories/41818
http://secunia.com/advisories/60799
http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc
http://security.gentoo.org/glsa/glsa-200609-05.xml
http://security.gentoo.org/glsa/glsa-200609-18.xml
http://securitytracker.com/id?1016791
http://securitytracker.com/id?1017522
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1
http://support.attachmate.com/techdocs/2127.html
http://support.attachmate.com/techdocs/2128.html
http://support.attachmate.com/techdocs/2137.html
http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
http://www.debian.org/security/2006/dsa-1174	Patch
http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html
http://www.kb.cert.org/vuls/id/845620	US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:161
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
http://www.mandriva.com/security/advisories?name=MDKSA-2006:207
http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
http://www.novell.com/linux/security/advisories/2006_26_sr.html
http://www.novell.com/linux/security/advisories/2006_55_ssl.html
http://www.novell.com/linux/security/advisories/2006_61_opera.html
http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html
http://www.openbsd.org/errata.html
http://www.openoffice.org/security/cves/CVE-2006-4339.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html
http://www.openssl.org/news/secadv_20060905.txt	Patch Vendor Advisory
http://www.opera.com/support/search/supsearch.dml?index=845
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.osvdb.org/28549
http://www.redhat.com/support/errata/RHSA-2006-0661.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0062.html
http://www.redhat.com/support/errata/RHSA-2007-0072.html
http://www.redhat.com/support/errata/RHSA-2007-0073.html
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://www.securityfocus.com/archive/1/445231/100/0/threaded
http://www.securityfocus.com/archive/1/445822/100/0/threaded
http://www.securityfocus.com/archive/1/450327/100/0/threaded
http://www.securityfocus.com/archive/1/450327/100/0/threaded
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/bid/19849	Patch
http://www.securityfocus.com/bid/22083
http://www.securityfocus.com/bid/28276
http://www.serv-u.com/releasenotes/
http://www.sybase.com/detail?id=1047991
http://www.ubuntu.com/usn/usn-339-1	Patch
http://www.us-cert.gov/cas/techalerts/TA06-333A.html	US Government Resource
http://www.us.debian.org/security/2006/dsa-1173	Patch
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://www.vupen.com/english/advisories/2006/3453
http://www.vupen.com/english/advisories/2006/3566
http://www.vupen.com/english/advisories/2006/3730
http://www.vupen.com/english/advisories/2006/3748
http://www.vupen.com/english/advisories/2006/3793
http://www.vupen.com/english/advisories/2006/3899
http://www.vupen.com/english/advisories/2006/3936
http://www.vupen.com/english/advisories/2006/4205
http://www.vupen.com/english/advisories/2006/4206
http://www.vupen.com/english/advisories/2006/4207
http://www.vupen.com/english/advisories/2006/4216
http://www.vupen.com/english/advisories/2006/4327
http://www.vupen.com/english/advisories/2006/4329
http://www.vupen.com/english/advisories/2006/4366
http://www.vupen.com/english/advisories/2006/4417
http://www.vupen.com/english/advisories/2006/4586
http://www.vupen.com/english/advisories/2006/4744
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2006/5146
http://www.vupen.com/english/advisories/2007/0254
http://www.vupen.com/english/advisories/2007/0343
http://www.vupen.com/english/advisories/2007/1401
http://www.vupen.com/english/advisories/2007/1815
http://www.vupen.com/english/advisories/2007/1945
http://www.vupen.com/english/advisories/2007/2163
http://www.vupen.com/english/advisories/2007/2315
http://www.vupen.com/english/advisories/2007/2783
http://www.vupen.com/english/advisories/2007/4224
http://www.vupen.com/english/advisories/2008/0905/references
http://www.vupen.com/english/advisories/2010/0366
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
https://exchange.xforce.ibmcloud.com/vulnerabilities/28755
https://issues.rpath.com/browse/RPL-1633
https://issues.rpath.com/browse/RPL-616
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656
https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openssl:openssl::::::::
	cpe:2.3:a:openssl:openssl:0.9.1c:::::::*
	cpe:2.3:a:openssl:openssl:0.9.2b:::::::*
	cpe:2.3:a:openssl:openssl:0.9.3:::::::*
	cpe:2.3:a:openssl:openssl:0.9.3a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.4:::::::*
	cpe:2.3:a:openssl:openssl:0.9.5:::::::*
	cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::
	cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.5a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::
	cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.6:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::
	cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::
	cpe:2.3:a:openssl:openssl:0.9.6a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::
	cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::
	cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::
	cpe:2.3:a:openssl:openssl:0.9.6b:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6c:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6d:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6e:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6f:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6g:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6h:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6i:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6j:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6k:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6l:::::::*
	cpe:2.3:a:openssl:openssl:0.9.6m:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7b:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7c:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7d:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7e:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7f:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7g:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7h:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7i:::::::*
	cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
	cpe:2.3:a:openssl:openssl:0.9.8b:::::::*

History

21 Nov 2024, 00:15

Information

Published : 2006-09-05 17:04

Updated : 2025-04-03 01:03

NVD link : CVE-2006-4339

Mitre link : CVE-2006-4339

CVE.ORG link : CVE-2006-4339

JSON object : View

Products Affected

openssl

openssl

CWE

CWE-310

Cryptographic Issues

4.3 /10