The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
http://secunia.com/advisories/23104
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1
http://www.vupen.com/english/advisories/2006/4744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648
Source: MITRE
Published: 2007-03-07
Updated: 2018-10-30
Type: NVD-CWE-Other
Base Score: 5.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Impact Score: 4.9
Exploitability Score: 8.6
Severity: MEDIUM
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
109912 | Solaris 10 (x86) : 119214-37 | Nessus | Solaris Local Security Checks | medium |
109911 | Solaris 10 (sparc) : 119213-37 | Nessus | Solaris Local Security Checks | medium |
109884 | Solaris 10 (x86) : 119214-38 | Nessus | Solaris Local Security Checks | medium |
109882 | Solaris 10 (sparc) : 119213-38 | Nessus | Solaris Local Security Checks | medium |
107877 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
107816 | Solaris 10 (x86) : 119214-36 | Nessus | Solaris Local Security Checks | medium |
107815 | Solaris 10 (x86) : 119214-33 | Nessus | Solaris Local Security Checks | medium |
107814 | Solaris 10 (x86) : 119214-32 | Nessus | Solaris Local Security Checks | medium |
107813 | Solaris 10 (x86) : 119214-31 | Nessus | Solaris Local Security Checks | medium |
107812 | Solaris 10 (x86) : 119214-30 | Nessus | Solaris Local Security Checks | medium |
107811 | Solaris 10 (x86) : 119214-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
107796 | Solaris 10 (x86) : 116649-25 | Nessus | Solaris Local Security Checks | high |
107376 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
107313 | Solaris 10 (sparc) : 119213-36 | Nessus | Solaris Local Security Checks | medium |
107312 | Solaris 10 (sparc) : 119213-33 | Nessus | Solaris Local Security Checks | medium |
107311 | Solaris 10 (sparc) : 119213-32 | Nessus | Solaris Local Security Checks | medium |
107310 | Solaris 10 (sparc) : 119213-31 | Nessus | Solaris Local Security Checks | medium |
107309 | Solaris 10 (sparc) : 119213-30 | Nessus | Solaris Local Security Checks | medium |
107308 | Solaris 10 (sparc) : 119213-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
107295 | Solaris 10 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
27918 | Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerability (USN-339-1) | Nessus | Ubuntu Local Security Checks | medium |
27031 | Solaris 9 (x86) : 122715-03 | Nessus | Solaris Local Security Checks | high |
26166 | Solaris 9 (sparc) : 117123-10 | Nessus | Solaris Local Security Checks | high |
24592 | Mandrake Linux Security Advisory : bind (MDKSA-2006:207) | Nessus | Mandriva Local Security Checks | medium |
24564 | Mandrake Linux Security Advisory : ntp (MDKSA-2006:178) | Nessus | Mandriva Local Security Checks | critical |
24563 | Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177) | Nessus | Mandriva Local Security Checks | critical |
23905 | Mandrake Linux Security Advisory : openssl (MDKSA-2006:161) | Nessus | Mandriva Local Security Checks | medium |
23519 | Solaris 9 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
23414 | Solaris 8 (sparc) : 119209-36 | Nessus | Solaris Local Security Checks | high |
23381 | Solaris 8 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
23361 | Solaris 8 (sparc) : 114045-14 | Nessus | Solaris Local Security Checks | medium |
22946 | Solaris 10 (sparc) : 116648-25 (deprecated) | Nessus | Solaris Local Security Checks | high |
22716 | Debian DSA-1174-1 : openssl096 - cryptographic weakness | Nessus | Debian Local Security Checks | medium |
20333 | Solaris 10 (x86) : 118372-10 | Nessus | Solaris Local Security Checks | critical |
20332 | Solaris 10 (sparc) : 118371-10 | Nessus | Solaris Local Security Checks | critical |
20275 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
20272 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
20055 | Solaris 10 (x86) : 119214-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
20052 | Solaris 10 (sparc) : 119213-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
19844 | Solaris 9 (x86) : 119212-36 | Nessus | Solaris Local Security Checks | high |
19842 | Solaris 9 (sparc) : 119211-36 | Nessus | Solaris Local Security Checks | high |
13602 | Solaris 9 (x86) : 114435-16 | Nessus | Solaris Local Security Checks | critical |
13589 | Solaris 9 (x86) : 114050-14 | Nessus | Solaris Local Security Checks | medium |
13548 | Solaris 9 (sparc) : 114049-14 | Nessus | Solaris Local Security Checks | medium |
13538 | Solaris 9 (sparc) : 113451-17 | Nessus | Solaris Local Security Checks | critical |