CVE-2006-7140MEDIUM
Description
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
References
http://secunia.com/advisories/23104
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1
http://www.vupen.com/english/advisories/2006/4744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648
Details
Source: MITRE
Published: 2007-03-07
Updated: 2018-10-30
Type: NVD-CWE-Other
Risk Information
CVSS v2.0
Base Score: 5.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Impact Score: 4.9
Exploitability Score: 8.6
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 109912 | Solaris 10 (x86) : 119214-37 | Nessus | Solaris Local Security Checks | medium |
| 109911 | Solaris 10 (sparc) : 119213-37 | Nessus | Solaris Local Security Checks | medium |
| 109884 | Solaris 10 (x86) : 119214-38 | Nessus | Solaris Local Security Checks | medium |
| 109882 | Solaris 10 (sparc) : 119213-38 | Nessus | Solaris Local Security Checks | medium |
| 107877 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
| 107816 | Solaris 10 (x86) : 119214-36 | Nessus | Solaris Local Security Checks | medium |
| 107815 | Solaris 10 (x86) : 119214-33 | Nessus | Solaris Local Security Checks | medium |
| 107814 | Solaris 10 (x86) : 119214-32 | Nessus | Solaris Local Security Checks | medium |
| 107813 | Solaris 10 (x86) : 119214-31 | Nessus | Solaris Local Security Checks | medium |
| 107812 | Solaris 10 (x86) : 119214-30 | Nessus | Solaris Local Security Checks | medium |
| 107811 | Solaris 10 (x86) : 119214-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
| 107796 | Solaris 10 (x86) : 116649-25 | Nessus | Solaris Local Security Checks | high |
| 107376 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
| 107313 | Solaris 10 (sparc) : 119213-36 | Nessus | Solaris Local Security Checks | medium |
| 107312 | Solaris 10 (sparc) : 119213-33 | Nessus | Solaris Local Security Checks | medium |
| 107311 | Solaris 10 (sparc) : 119213-32 | Nessus | Solaris Local Security Checks | medium |
| 107310 | Solaris 10 (sparc) : 119213-31 | Nessus | Solaris Local Security Checks | medium |
| 107309 | Solaris 10 (sparc) : 119213-30 | Nessus | Solaris Local Security Checks | medium |
| 107308 | Solaris 10 (sparc) : 119213-27 (BEAST) | Nessus | Solaris Local Security Checks | medium |
| 107295 | Solaris 10 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
| 27918 | Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerability (USN-339-1) | Nessus | Ubuntu Local Security Checks | medium |
| 27031 | Solaris 9 (x86) : 122715-03 | Nessus | Solaris Local Security Checks | high |
| 26166 | Solaris 9 (sparc) : 117123-10 | Nessus | Solaris Local Security Checks | high |
| 24592 | Mandrake Linux Security Advisory : bind (MDKSA-2006:207) | Nessus | Mandriva Local Security Checks | medium |
| 24564 | Mandrake Linux Security Advisory : ntp (MDKSA-2006:178) | Nessus | Mandriva Local Security Checks | critical |
| 24563 | Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177) | Nessus | Mandriva Local Security Checks | critical |
| 23905 | Mandrake Linux Security Advisory : openssl (MDKSA-2006:161) | Nessus | Mandriva Local Security Checks | medium |
| 23519 | Solaris 9 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
| 23414 | Solaris 8 (sparc) : 119209-36 | Nessus | Solaris Local Security Checks | high |
| 23381 | Solaris 8 (sparc) : 116648-25 | Nessus | Solaris Local Security Checks | high |
| 23361 | Solaris 8 (sparc) : 114045-14 | Nessus | Solaris Local Security Checks | medium |
| 22946 | Solaris 10 (sparc) : 116648-25 (deprecated) | Nessus | Solaris Local Security Checks | high |
| 22716 | Debian DSA-1174-1 : openssl096 - cryptographic weakness | Nessus | Debian Local Security Checks | medium |
| 20333 | Solaris 10 (x86) : 118372-10 | Nessus | Solaris Local Security Checks | critical |
| 20332 | Solaris 10 (sparc) : 118371-10 | Nessus | Solaris Local Security Checks | critical |
| 20275 | Solaris 10 (x86) : 121230-02 | Nessus | Solaris Local Security Checks | critical |
| 20272 | Solaris 10 (sparc) : 121229-02 | Nessus | Solaris Local Security Checks | critical |
| 20055 | Solaris 10 (x86) : 119214-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
| 20052 | Solaris 10 (sparc) : 119213-36 (deprecated) | Nessus | Solaris Local Security Checks | medium |
| 19844 | Solaris 9 (x86) : 119212-36 | Nessus | Solaris Local Security Checks | high |
| 19842 | Solaris 9 (sparc) : 119211-36 | Nessus | Solaris Local Security Checks | high |
| 13602 | Solaris 9 (x86) : 114435-16 | Nessus | Solaris Local Security Checks | critical |
| 13589 | Solaris 9 (x86) : 114050-14 | Nessus | Solaris Local Security Checks | medium |
| 13548 | Solaris 9 (sparc) : 114049-14 | Nessus | Solaris Local Security Checks | medium |
| 13538 | Solaris 9 (sparc) : 113451-17 | Nessus | Solaris Local Security Checks | critical |