RSS   Vulnerabilities for 'Tectia client server connector'   RSS

2006-10-24
 
CVE-2006-5484

CWE-Other
 

 
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.

 

 >>> Vendor: SSH 10 Products
SSH
SSH2
Secure shell
Secure shell for servers
Tectia server
Tectia client
Tectia connector
Tectia manager
Tectia client server connector
Tectia connectsecure


Copyright 2024, cxsecurity.com

 

Back to Top