CVE-2006-4339

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2006-4339
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2006-09-05 17:04:00 UTC
Updated2018-10-17 21:35:00 UTC
DescriptionOpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

Risk And Classification

Problem Types: CWE-310

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Openssl Openssl 0.9.1c All All All
Application Openssl Openssl 0.9.2b All All All
Application Openssl Openssl 0.9.3 All All All
Application Openssl Openssl 0.9.3a All All All
Application Openssl Openssl 0.9.4 All All All
Application Openssl Openssl 0.9.5 All All All
Application Openssl Openssl 0.9.5 beta1 All All
Application Openssl Openssl 0.9.5 beta2 All All
Application Openssl Openssl 0.9.5a All All All
Application Openssl Openssl 0.9.5a beta1 All All
Application Openssl Openssl 0.9.5a beta2 All All
Application Openssl Openssl 0.9.6 All All All
Application Openssl Openssl 0.9.6 beta1 All All
Application Openssl Openssl 0.9.6 beta2 All All
Application Openssl Openssl 0.9.6 beta3 All All
Application Openssl Openssl 0.9.6a All All All
Application Openssl Openssl 0.9.6a beta1 All All
Application Openssl Openssl 0.9.6a beta2 All All
Application Openssl Openssl 0.9.6a beta3 All All
Application Openssl Openssl 0.9.6b All All All
Application Openssl Openssl 0.9.6c All All All
Application Openssl Openssl 0.9.6d All All All
Application Openssl Openssl 0.9.6e All All All
Application Openssl Openssl 0.9.6f All All All
Application Openssl Openssl 0.9.6g All All All
Application Openssl Openssl 0.9.6h All All All
Application Openssl Openssl 0.9.6i All All All
Application Openssl Openssl 0.9.6j All All All
Application Openssl Openssl 0.9.6k All All All
Application Openssl Openssl 0.9.6l All All All
Application Openssl Openssl 0.9.6m All All All
Application Openssl Openssl 0.9.7a All All All
Application Openssl Openssl 0.9.7b All All All
Application Openssl Openssl 0.9.7c All All All
Application Openssl Openssl 0.9.7d All All All
Application Openssl Openssl 0.9.7e All All All
Application Openssl Openssl 0.9.7f All All All
Application Openssl Openssl 0.9.7g All All All
Application Openssl Openssl 0.9.7h All All All
Application Openssl Openssl 0.9.7i All All All
Application Openssl Openssl 0.9.7j All All All
Application Openssl Openssl 0.9.8 All All All
Application Openssl Openssl 0.9.8a All All All
Application Openssl Openssl 0.9.8b All All All
Application Openssl Openssl All All All All
Application Openssl Openssl 0.9.1c All All All
Application Openssl Openssl 0.9.2b All All All
Application Openssl Openssl 0.9.3 All All All
Application Openssl Openssl 0.9.3a All All All
Application Openssl Openssl 0.9.4 All All All
Application Openssl Openssl 0.9.5 All All All
Application Openssl Openssl 0.9.5 beta1 All All
Application Openssl Openssl 0.9.5 beta2 All All
Application Openssl Openssl 0.9.5a All All All
Application Openssl Openssl 0.9.5a beta1 All All
Application Openssl Openssl 0.9.5a beta2 All All
Application Openssl Openssl 0.9.6 All All All
Application Openssl Openssl 0.9.6 beta1 All All
Application Openssl Openssl 0.9.6 beta2 All All
Application Openssl Openssl 0.9.6 beta3 All All
Application Openssl Openssl 0.9.6a All All All
Application Openssl Openssl 0.9.6a beta1 All All
Application Openssl Openssl 0.9.6a beta2 All All
Application Openssl Openssl 0.9.6a beta3 All All
Application Openssl Openssl 0.9.6b All All All
Application Openssl Openssl 0.9.6c All All All
Application Openssl Openssl 0.9.6d All All All
Application Openssl Openssl 0.9.6e All All All
Application Openssl Openssl 0.9.6f All All All
Application Openssl Openssl 0.9.6g All All All
Application Openssl Openssl 0.9.6h All All All
Application Openssl Openssl 0.9.6i All All All
Application Openssl Openssl 0.9.6j All All All
Application Openssl Openssl 0.9.6k All All All
Application Openssl Openssl 0.9.6l All All All
Application Openssl Openssl 0.9.6m All All All
Application Openssl Openssl 0.9.7a All All All
Application Openssl Openssl 0.9.7b All All All
Application Openssl Openssl 0.9.7c All All All
Application Openssl Openssl 0.9.7d All All All
Application Openssl Openssl 0.9.7e All All All
Application Openssl Openssl 0.9.7f All All All
Application Openssl Openssl 0.9.7g All All All
Application Openssl Openssl 0.9.7h All All All
Application Openssl Openssl 0.9.7i All All All
Application Openssl Openssl 0.9.7j All All All
Application Openssl Openssl 0.9.8 All All All
Application Openssl Openssl 0.9.8a All All All
Application Openssl Openssl 0.9.8b All All All

References

ReferenceSourceLinkTags
Slackware update for bind - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
ASA-2006-188 CONFIRM support.avaya.com
Sybase Unwired Accelerator RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
#200474: Security Vulnerability With RSA Signature Affects the Sun Secure Global Desktop Software SUNALERT sunsolve.sun.com
#201390: Security Vulnerability With RSA Signature Affects Solaris Applications Utilizing the libike Library SUNALERT sunsolve.sun.com
Sun Java System Multiple Products RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Cisco Products OpenSSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
HP System Management Homepage Apache and OpenSSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
[#RPL-616] openssl key forgery vulnerabilities for some RSA keys (CVE-2006-4339) - rPath JIRA CONFIRM issues.rpath.com
VMware Workstation 6 Release Notes CONFIRM www.vmware.com
usn/usn-339-1 - Ubuntu: Linux for human beings UBUNTU www.ubuntu.com Patch
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
#102686: Security Vulnerability in RSA Signature Verification Affects Java 2 Platform, Standard Edition SUNALERT sunsolve.sun.com
Novell International Cryptographic Infrastructure Two Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
support.attachmate.com/techdocs/2127.html CONFIRM support.attachmate.com
VMware ESX Server 2.5.3 Upgrade Patch 6 (for 2.5.3 Systems) CONFIRM www.vmware.com
Ubuntu update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Security Announcement SUSE www.novell.com
Security Announcement SUSE www.novell.com
SGI Advanced Linux Environment Multiple Updates - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
#201247: Security Vulnerability With RSA Signatures Affects OpenSSL Shipped With Solaris SUNALERT sunsolve.sun.com
Sybase Afaria RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
US-CERT Technical Cyber Security Alert TA06-333A -- Apple Releases Security Update to Address Multiple Vulnerabilities CERT www.us-cert.gov US Government Resource
VMware Player Release Notes CONFIRM www.vmware.com
Reflection Products RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com
SecureCRT / SecureFX OpenSSL RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Security Announcement SUSE www.novell.com
1000148 SUNALERT sunsolve.sun.com
Gentoo Linux Documentation -- OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery GENTOO security.gentoo.org
HP-UX update for Bind - Advisories - Secunia SECUNIA secunia.com
Support REDHAT www.redhat.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
HP-UX update for firefox - Advisories - Secunia SECUNIA secunia.com
Red Hat update for java-1.4.2-ibm - Advisories - Secunia SECUNIA secunia.com
OpenVPN Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Serv-U FTP Server OpenSSL Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
VMware ESX Server 2.1.3 Upgrade Patch 4 (for 2.1.3 Systems) CONFIRM www.vmware.com
The Slackware Linux Project: Slackware Security Advisories SLACKWARE slackware.com
rhn.redhat.com | Red Hat Support REDHAT www.redhat.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
rPath update for openssl - Advisories - Secunia SECUNIA secunia.com
Oracle Products Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
VMSA-2008-0005.1 - VMware CONFIRM www.vmware.com
Download Patch ESX-9986131 for VMware ESX Server 3.0.1 CONFIRM www.vmware.com
VMWare ESX Server Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
VMware Server Release Notes CONFIRM www.vmware.com
OpenSSL RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com Patch, Vendor Advisory
Red Hat update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Gentoo update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Sun Solaris WAN Boot RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com
Security Advisory SA60799 - Gentoo openoffice Multiple Vulnerabilties - Secunia SECUNIA secunia.com
[Security-announce] VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues MLIST lists.vmware.com
SecurityFocus HP www.securityfocus.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Serv-U Release Notes - Current CONFIRM www.serv-u.com
issues.rpath.com/browse/RPL-1633 CONFIRM issues.rpath.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Debian update for openssl096 - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
SecurityTracker.com Archives - OpenSSL RSA Signatures Can Be Forged SECTRACK securitytracker.com
Cisco - Networking, Cloud, and Cybersecurity Solutions CISCO www.cisco.com
HP Tru64 UNIX Multiple SSL and BIND Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Gentoo Linux Documentation -- Mozilla Network Security Service (NSS): RSA signature forgery GENTOO www.gentoo.org
APPLE-SA-2006-11-28 Security Update 2006-007 APPLE lists.apple.com
OpenOffice.org 3 Multiple Vulnerabilities - Advisories - Community SECUNIA secunia.com
JVN#51615542: Adobe Reader fails to properly handle signatures JVN jvn.jp
Oracle Critical Patch Update - January 2007 CONFIRM www.oracle.com
VMware ESX Server 2.5.4 Upgrade Patch 3 (for 2.5.4 Systems Only) CONFIRM www.vmware.com
Bleichenbacher's RSA signature forgery based on implementation error MLIST www.imc.org
Repository / Oval Repository OVAL oval.cisecurity.org
SecurityTracker.com Archives - Oracle Database and Other Products Have 52 Unspecified Vulnerabilities With Unspecified Impact SECTRACK securitytracker.com
OpenSSL PKCS Padding RSA Signature Forgery Vulnerability BID www.securityfocus.com Patch
Support REDHAT www.redhat.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
'[security bulletin] HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Ap' - MARC HP marc.info
Sun JES / Solaris OpenSSL RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
OpenOffice.org 2 Multiple Vulnerabilities - Advisories - Community SECUNIA secunia.com
CVE-2006-4339 CONFIRM www.openoffice.org
Mandriva update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
IT Resource Center - login / register HP itrc.hp.com
Gentoo update for opera - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
APPLE-SA-2007-12-14 Java Release 6 for Mac OS X 10.4 APPLE lists.apple.com
Advisories - Mandriva Linux MANDRIVA www.mandriva.com
Debian update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
201534 SUNALERT sunsolve.sun.com
HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS) - c01118771 - HP Business Support Center HP h20000.www2.hp.com
SSRT061273 HP h20000.www2.hp.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html CONFIRM secure-support.novell.com
SUSE update for openssl/mozilla-nss - Advisories - Secunia SECUNIA secunia.com
IBM X-Force Exchange XF exchange.xforce.ibmcloud.com
Webmail - OVH VUPEN www.vupen.com
Advisories - Mandriva Linux MANDRIVA www.mandriva.com
FreeBSD update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
IBM - Subscription service - Bulletin CONFIRM www14.software.ibm.com
Webmail - OVH VUPEN www.vupen.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
FreeBSD-SA-06:19 FREEBSD security.freebsd.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Oracle Open Office Multiple Vulnerabilities - Advisories - Community SECUNIA secunia.com
Advisories - Mandriva Linux MANDRIVA www.mandriva.com
JVNDB-2012-000079 JVNDB jvndb.jvn.jp
US-CERT Vulnerability Note VU#845620 CERT-VN www.kb.cert.org US Government Resource
Mandriva update for ntp - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Slackware update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
WebLogic SSL may verify RSA Signatures incorrectly if the RSA key exponent is 3 BEA dev2dev.bea.com
Cisco Security Response: Multiple Vulnerabilities in OpenSSL Library  [Cisco GSS 4400 Series Global Site Selector Appliances] - Cisco Systems CISCO www.cisco.com
OpenVPN 2.0.x Change Log CONFIRM openvpn.net
#200708: A Security Vulnerability in RSA Signature Verification Affects Sun Java System Application Server, Proxy Server and Web Server SUNALERT sunsolve.sun.com
Sybase PowerBuilder RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Gentoo update for nss - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Opera SSL RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
OpenPKG Corporation: Security: Security Advisories OPENPKG www.openpkg.org
Gentoo Linux Documentation -- OpenOffice, LibreOffice: Multiple vulnerabilities GENTOO www.gentoo.org
SecurityFocus BUGTRAQ www.securityfocus.com
Webmail - OVH VUPEN www.vupen.com
Sybase Enterprise Portal RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Preliminary advisory on security vulnerability in RSA signature verification impacting several Sybase products - Sybase Inc CONFIRM www.sybase.com
VMware Workstation 5.5 Release Notes CONFIRM www.vmware.com
Gentoo Linux Documentation -- Opera: RSA signature forgery GENTOO security.gentoo.org
Blue Coat Support - Security Advisories CONFIRM www.bluecoat.com
SUSE Update for Multiple Packages - Advisories - Secunia SECUNIA secunia.com
Cisco Products OpenSSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Support REDHAT www.redhat.com Vendor Advisory
'Internet Systems Consortium Security Advisory. [revised]' - MARC MLIST marc.info
200708 SUNALERT sunsolve.sun.com
HP Insight Management Agents SSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Sybase mFolio RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
20060901-01-P SGI patches.sgi.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
SUSE update for opera - Advisories - Secunia SECUNIA secunia.com
Debian -- Security Information -- DSA-1173-1 openssl DEBIAN www.us.debian.org Patch
About the security content of Security Update 2006-007 CONFIRM docs.info.apple.com
Advisories - Mandriva Linux MANDRIVA www.mandriva.com
OpenVPN OpenSSL RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
VMware ACE Release Notes CONFIRM www.vmware.com
Juniper Secure Access / Unified Access Control RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
Mozilla Firefox Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Blue Coat Products RSA Signature Vulnerability - Advisories - Secunia SECUNIA secunia.com
VMware Player Release Notes CONFIRM www.vmware.com
OpenBSD update for OpenSSL - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Opera Software - Knowledge Base CONFIRM www.opera.com
OpenBSD 4.0 errata OPENBSD www.openbsd.org
www.openssl.org/news/secadv_20060905.txt CONFIRM www.openssl.org Patch, Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Sybase Mach Desktop RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
#102759: Security Vulnerability With RSA Signatures Affects Solaris WAN Boot SUNALERT sunsolve.sun.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Mandriva update for MySQL - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
201247 SUNALERT sunsolve.sun.com
Avaya Products OpenSSL Vulnerability - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
BEA Products Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
#200610: Security Vulnerability Issue of Forged RSA Signatures for Java Enterprise System and Solaris SUNALERT sunsolve.sun.com
Ingate Firewall and SIParator OpenSSL Vulnerability - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
OpenPKG Corporation: Security: Security Advisories OPENPKG www.openpkg.com
Mandriva update for bind - Advisories - Secunia SECUNIA secunia.com
#102648: Security Vulnerability in RSA Signature Verification Impacting Multiple SUN Products SUNALERT sunsolve.sun.com
Security Announcement SUSE www.novell.com
Reflection Security Updates for US-CERT Vulnerability #845620: RSA Public Exponent 3 - Tech Note 2137 CONFIRM support.attachmate.com
Sun Secure Global Desktop Software RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
SecurityFocus BUGTRAQ www.securityfocus.com
IBM HMC Apache2 / OpenSSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
SSRT071304 HP www2.itrc.hp.com
SecurityFocus BUGTRAQ www.securityfocus.com
Mac OS X Java Multiple Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Download Patch ESX-3069097 for VMware ESX Server 3.0.1 CONFIRM www.vmware.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Matasano Chargen » Many RSA Signatures May Be Forgeable In OpenSSL and Elsewhere MISC www.matasano.com
VMware Server 1.0.5 and Workstation 6.0.3 Multiple Vulnerabilities BID www.securityfocus.com
Red Hat Network Satellite Server Update for Solaris Client - Advisories - Community SECUNIA secunia.com
Debian -- Security Information -- DSA-1174-1 openssl096 DEBIAN www.debian.org Patch
SecurityFocus BUGTRAQ www.securityfocus.com
BIND OpenSSL Vulnerabilities - Advisories - Secunia SECUNIA secunia.com
Oracle January 2007 Security Update Multiple Vulnerabilities BID www.securityfocus.com
IT Resource Center - login / register HP www1.itrc.hp.com
HP-UX update for Apache - Advisories - Secunia SECUNIA secunia.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
Sybase RFID Enterprise RSA Signature Forgery - Advisories - Secunia SECUNIA secunia.com
VMware ESX Server 2.0.2 Upgrade Patch 4 (for 2.0.2 Systems) CONFIRM www.vmware.com
Sun Solaris RSA Signature Forgery Vulnerability - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
The Slackware Linux Project: Slackware Security Advisories SLACKWARE slackware.com
About the security content of Java Release 6 for Mac OS X 10.4 MISC docs.info.apple.com
support.attachmate.com/techdocs/2128.html CONFIRM support.attachmate.com
www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf CONFIRM www.arkoon.fr
Support REDHAT www.redhat.com
Webmail - OVH VUPEN www.vupen.com
28549 OSVDB www.osvdb.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
rPath update for openssl - Advisories - Secunia SECUNIA secunia.com Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH VUPEN www.vupen.com
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis

Vendor Comments And Credit

OrganizationPublishedContributorStatement
Red Hat2007-03-14Mark J CoxVulnerable. This issue affects OpenSSL and OpenSSL compatibility packages in Red Hat Enterprise Linux 2.1, 3, and 4. Updates, along with our advisory are available at the URL below. http://rhn.redhat.com/errata/RHSA-2006-0661.html Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Legacy QID Mappings

  • 390284 Oracle Managed Virtualization (VM) Server for x86 Security Update for Open Secure Sockets Layer (OpenSSL) (OVMSA-2023-0013)
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report