NVD

Id
64085  
Name
CVE-2006-5484  
Description
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-10-24  
Modified Date
2011-03-07  
Seq
2006-5484  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
334314 64085 CVE-2006-5484 1017060  View
334315 64085 CVE-2006-5484 1017061  View
334316 64085 CVE-2006-5484 VU#845620  View
334317 64085 CVE-2006-5484 http://www.ssh.com/company/news/2006/english/security/article/786/  View
334318 64085 CVE-2006-5484 ADV-2006-4032  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
61069 JVNDB-2006-003335 SSH Tectia Client/Server/Connector などの製品における RSA 鍵で署名済みの PKCS #1 署名を偽装される脆弱性 SSH Tectia Client/Server/Connector、Manager、およびその他の製品は、exponent 3 を伴う RSA 鍵を使用している際、ハッシュを生成する前に PKCS-1 パディングを削除するため、RSA 鍵で署名済みの PKCS #1 署名を偽装される、および X.509 など他の PKCS #1 を使用する証明書を Tectia で検証されない脆弱性が存在します。 CVE-2006-5484 21586 CVE-2006-5484 64085 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003335.html 2006-10-24 2012-12-20 View