CVE-2006-5484
First published: Tue Oct 24 2006(Updated: )
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SSH Tectia Client | <=5.1.0 | |
| SSH Tectia Server | <=5.1.0 | |
| Ssh Tectia Connector | <=5.1.0 | |
| Ssh Tectia Manager | <=2.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/ssh
- canonical/ssh tectia client
- version/ssh tectia client/5.1.0
- canonical/ssh tectia server
- version/ssh tectia server/5.1.0
- canonical/ssh tectia connector
- version/ssh tectia connector/5.1.0
- canonical/ssh tectia manager
- version/ssh tectia manager/2.2.0