146557 – OpenSSL vulnerability up to 0.9.7j and 0.9.8b affected

Bug 146557 - OpenSSL vulnerability up to 0.9.7j and 0.9.8b affected

Summary: OpenSSL vulnerability up to 0.9.7j and 0.9.8b affected

Status:	RESOLVED DUPLICATE of bug 146375

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All All

Importance:	Highest normal (vote)
Assignee:	Gentoo Security

URL:	http://www.openssl.org/news/secadv_20...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-09-06 07:46 UTC by Bolke de Bruin
Modified:	2007-08-14 09:30 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bolke de Bruin 2006-09-06 07:46:41 UTC

Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5
signatures. If an RSA key with exponent 3 is used it may be possible
to forge a PKCS #1 v1.5 signature signed by that key. Implementations
may incorrectly verify the certificate if they are not checking for
excess data in the RSA exponentiation result of the signature.

Since there are CAs using exponent 3 in wide use, and PKCS #1 v1.5 is
used in X.509 certificates, all software that uses OpenSSL to verify
X.509 certificates is potentially vulnerable, as well as any other use
of PKCS #1 v1.5. This includes software that uses OpenSSL for SSL or
TLS.

OpenSSL versions up to 0.9.7j and 0.9.8b are affected.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2006-4339 to this issue.

Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-06 07:49:04 UTC


*** This bug has been marked as a duplicate of 146375 ***