CVE-2006-5484

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.

Published : 2006-10-24 22:07 Updated : 2019-08-28 14:49

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Ssh Tectia Client 5.1.0 cpe:/a:ssh:tectia_client:5.1.0
Ssh Tectia Connector 5.1.0 cpe:/a:ssh:tectia_connector:5.1.0
Ssh Tectia Server 5.1.0 cpe:/a:ssh:tectia_server:5.1.0
Ssh Tectia Manager 2.2.0 cpe:/a:ssh:tectia_manager:2.2.0
  1. Ssh (4) Search CVE
    1. Tectia Client (1) Search CVE
      1. 5.1.0
    2. Tectia Manager (1) Search CVE
      1. 2.2.0
    3. Tectia Connector (1) Search CVE
      1. 5.1.0
    4. Tectia Server (1) Search CVE
      1. 5.1.0

CWE

There is no CWE for this CVE.

History of changes

Date Event
2019-08-28 14:49
2006-10-24 22:07

New CVE