QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-4790

Back to search

CVE-2006-4790

Published: Sep 14, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.

VendorProductVersions

n/a

n/a

affected
n/a

References

25762
third-party-advisory
x_refsource_SECUNIA
22992
third-party-advisory
x_refsource_SECUNIA
21937
third-party-advisory
x_refsource_SECUNIA
22049
third-party-advisory
x_refsource_SECUNIA
1016844
vdb-entry
x_refsource_SECTRACK
ADV-2006-3899
vdb-entry
x_refsource_VUPEN
20027
vdb-entry
x_refsource_BID
SUSE-SR:2006:023
vendor-advisory
x_refsource_SUSE
MDKSA-2006:166
vendor-advisory
x_refsource_MANDRIVA
RHSA-2006:0680
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:9937
vdb-entry
signature
x_refsource_OVAL
102970
vendor-advisory
x_refsource_SUNALERT
ADV-2006-3635
vdb-entry
x_refsource_VUPEN
21942
third-party-advisory
x_refsource_SECUNIA
22080
third-party-advisory
x_refsource_SECUNIA
GLSA-200609-15
vendor-advisory
x_refsource_GENTOO
SUSE-SA:2007:010
vendor-advisory
x_refsource_SUSE
DSA-1182
vendor-advisory
x_refsource_DEBIAN
102648
vendor-advisory
x_refsource_SUNALERT
21973
third-party-advisory
x_refsource_SECUNIA
22226
third-party-advisory
x_refsource_SECUNIA
22084
third-party-advisory
x_refsource_SECUNIA
USN-348-1
vendor-advisory
x_refsource_UBUNTU
ADV-2007-2289
vdb-entry
x_refsource_VUPEN
22097
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now