Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
http://secunia.com/advisories/22204
http://secunia.com/advisories/22226
http://secunia.com/advisories/22325
http://secunia.com/advisories/22992
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
http://www.kb.cert.org/vuls/id/845620
http://www.vupen.com/english/advisories/2006/3898
Source: MITRE
Published: 2006-10-10
Updated: 2019-07-31
Type: NVD-CWE-Other
Base Score: 4
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:P
Impact Score: 4.9
Exploitability Score: 4.9
Severity: MEDIUM
OR
cpe:2.3:a:sun:nss:*:*:*:*:*:*:*:*
OR
cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*
OR
cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
OR
cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
OR
cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
OR
cpe:2.3:a:sun:jsse:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
109912 | Solaris 10 (x86) : 119214-37 | Nessus | Solaris Local Security Checks | medium |
109911 | Solaris 10 (sparc) : 119213-37 | Nessus | Solaris Local Security Checks | medium |
109884 | Solaris 10 (x86) : 119214-38 | Nessus | Solaris Local Security Checks | medium |
109882 | Solaris 10 (sparc) : 119213-38 | Nessus | Solaris Local Security Checks | medium |
107877 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
107816 | Solaris 10 (x86) : 119214-36 | Nessus | Solaris Local Security Checks | medium |
107815 | Solaris 10 (x86) : 119214-33 | Nessus | Solaris Local Security Checks | medium |
107814 | Solaris 10 (x86) : 119214-32 | Nessus | Solaris Local Security Checks | medium |
107813 | Solaris 10 (x86) : 119214-31 | Nessus | Solaris Local Security Checks | medium |
107812 | Solaris 10 (x86) : 119214-30 | Nessus | Solaris Local Security Checks | medium |
107811 | Solaris 10 (x86) : 119214-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
107796 | Solaris 10 (x86) : 116649-25 | Nessus | Solaris Local Security Checks | high |
107376 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
107313 | Solaris 10 (sparc) : 119213-36 | Nessus | Solaris Local Security Checks | medium |
107312 | Solaris 10 (sparc) : 119213-33 | Nessus | Solaris Local Security Checks | medium |
107311 | Solaris 10 (sparc) : 119213-32 | Nessus | Solaris Local Security Checks | medium |
107310 | Solaris 10 (sparc) : 119213-31 | Nessus | Solaris Local Security Checks | medium |
107309 | Solaris 10 (sparc) : 119213-30 | Nessus | Solaris Local Security Checks | medium |
107308 | Solaris 10 (sparc) : 119213-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
107295 | Solaris 10 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
27918 | Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerability (USN-339-1) | Nessus | Ubuntu Local Security Checks | medium |
27031 | Solaris 9 (x86) : 122715-03 | Nessus | Solaris Local Security Checks | high |
26166 | Solaris 9 (sparc) : 117123-10 | Nessus | Solaris Local Security Checks | high |
24592 | Mandrake Linux Security Advisory : bind (MDKSA-2006:207) | Nessus | Mandriva Local Security Checks | medium |
24564 | Mandrake Linux Security Advisory : ntp (MDKSA-2006:178) | Nessus | Mandriva Local Security Checks | critical |
24563 | Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177) | Nessus | Mandriva Local Security Checks | critical |
23905 | Mandrake Linux Security Advisory : openssl (MDKSA-2006:161) | Nessus | Mandriva Local Security Checks | medium |
23519 | Solaris 9 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
23414 | Solaris 8 (sparc) : 119209-36 | Nessus | Solaris Local Security Checks | high |
23381 | Solaris 8 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
23361 | Solaris 8 (sparc) : 114045-14 | Nessus | Solaris Local Security Checks | medium |
22946 | Solaris 10 (sparc) : 116648-25 (deprecated) | Nessus | Solaris Local Security Checks | high |
22716 | Debian DSA-1174-1 : openssl096 - cryptographic weakness | Nessus | Debian Local Security Checks | medium |
20333 | Solaris 10 (x86) : 118372-10 | Nessus | Solaris Local Security Checks | critical |
20332 | Solaris 10 (sparc) : 118371-10 | Nessus | Solaris Local Security Checks | critical |
20275 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
20272 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
20055 | Solaris 10 (x86) : 119214-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
20052 | Solaris 10 (sparc) : 119213-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
19844 | Solaris 9 (x86) : 119212-36 | Nessus | Solaris Local Security Checks | high |
19842 | Solaris 9 (sparc) : 119211-36 | Nessus | Solaris Local Security Checks | high |
13602 | Solaris 9 (x86) : 114435-16 | Nessus | Solaris Local Security Checks | critical |
13589 | Solaris 9 (x86) : 114050-14 | Nessus | Solaris Local Security Checks | medium |
13548 | Solaris 9 (sparc) : 114049-14 | Nessus | Solaris Local Security Checks | medium |
13538 | Solaris 9 (sparc) : 113451-17 | Nessus | Solaris Local Security Checks | critical |