CVE-2006-7140

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.

References

http://secunia.com/advisories/23104

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1

http://www.vupen.com/english/advisories/2006/4744

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648

Details

Source: MITRE

Published: 2007-03-07

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (45 total)

IDNameProductFamilySeverity
109912Solaris 10 (x86) : 119214-37NessusSolaris Local Security Checks
high
109911Solaris 10 (sparc) : 119213-37NessusSolaris Local Security Checks
high
109884Solaris 10 (x86) : 119214-38NessusSolaris Local Security Checks
medium
109882Solaris 10 (sparc) : 119213-38NessusSolaris Local Security Checks
medium
107877Solaris 10 (x86) : 121230-02NessusSolaris Local Security Checks
critical
107816Solaris 10 (x86) : 119214-36NessusSolaris Local Security Checks
medium
107815Solaris 10 (x86) : 119214-33NessusSolaris Local Security Checks
medium
107814Solaris 10 (x86) : 119214-32NessusSolaris Local Security Checks
medium
107813Solaris 10 (x86) : 119214-31NessusSolaris Local Security Checks
medium
107812Solaris 10 (x86) : 119214-30NessusSolaris Local Security Checks
medium
107811Solaris 10 (x86) : 119214-27 (BEAST)NessusSolaris Local Security Checks
medium
107796Solaris 10 (x86) : 116649-25NessusSolaris Local Security Checks
high
107376Solaris 10 (sparc) : 121229-02NessusSolaris Local Security Checks
critical
107313Solaris 10 (sparc) : 119213-36NessusSolaris Local Security Checks
medium
107312Solaris 10 (sparc) : 119213-33NessusSolaris Local Security Checks
medium
107311Solaris 10 (sparc) : 119213-32NessusSolaris Local Security Checks
medium
107310Solaris 10 (sparc) : 119213-31NessusSolaris Local Security Checks
medium
107309Solaris 10 (sparc) : 119213-30NessusSolaris Local Security Checks
medium
107308Solaris 10 (sparc) : 119213-27 (BEAST)NessusSolaris Local Security Checks
medium
107295Solaris 10 (sparc) : 116648-25NessusSolaris Local Security Checks
high
27918Ubuntu 5.04 / 5.10 / 6.06 LTS : openssl vulnerability (USN-339-1)NessusUbuntu Local Security Checks
medium
27031Solaris 9 (x86) : 122715-03NessusSolaris Local Security Checks
high
26166Solaris 9 (sparc) : 117123-10NessusSolaris Local Security Checks
high
24592Mandrake Linux Security Advisory : bind (MDKSA-2006:207)NessusMandriva Local Security Checks
medium
24564Mandrake Linux Security Advisory : ntp (MDKSA-2006:178)NessusMandriva Local Security Checks
critical
24563Mandrake Linux Security Advisory : MySQL (MDKSA-2006:177)NessusMandriva Local Security Checks
critical
23905Mandrake Linux Security Advisory : openssl (MDKSA-2006:161)NessusMandriva Local Security Checks
medium
23519Solaris 9 (sparc) : 116648-25NessusSolaris Local Security Checks
high
23414Solaris 8 (sparc) : 119209-36NessusSolaris Local Security Checks
high
23381Solaris 8 (sparc) : 116648-25NessusSolaris Local Security Checks
high
23361Solaris 8 (sparc) : 114045-14NessusSolaris Local Security Checks
medium
22946Solaris 10 (sparc) : 116648-25 (deprecated)NessusSolaris Local Security Checks
high
22716Debian DSA-1174-1 : openssl096 - cryptographic weaknessNessusDebian Local Security Checks
medium
20333Solaris 10 (x86) : 118372-10NessusSolaris Local Security Checks
critical
20332Solaris 10 (sparc) : 118371-10NessusSolaris Local Security Checks
critical
20275Solaris 10 (x86) : 121230-02NessusSolaris Local Security Checks
critical
20272Solaris 10 (sparc) : 121229-02NessusSolaris Local Security Checks
critical
20055Solaris 10 (x86) : 119214-36 (deprecated)NessusSolaris Local Security Checks
medium
20052Solaris 10 (sparc) : 119213-36 (deprecated)NessusSolaris Local Security Checks
medium
19844Solaris 9 (x86) : 119212-36NessusSolaris Local Security Checks
high
19842Solaris 9 (sparc) : 119211-36NessusSolaris Local Security Checks
high
13602Solaris 9 (x86) : 114435-16NessusSolaris Local Security Checks
critical
13589Solaris 9 (x86) : 114050-14NessusSolaris Local Security Checks
medium
13548Solaris 9 (sparc) : 114049-14NessusSolaris Local Security Checks
medium
13538Solaris 9 (sparc) : 113451-17NessusSolaris Local Security Checks
critical