CVE-2006-4339

Description

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.

Category

4.3
CVSS
Severity: Medium
CVSS 2.0 •
EPSS 3.80% Top 15%
Vendor Advisory hp.com Vendor Advisory sun.com Vendor Advisory hp.com Vendor Advisory gentoo.org Vendor Advisory mandriva.com Vendor Advisory redhat.com Vendor Advisory novell.com Vendor Advisory hp.com Vendor Advisory bea.com Vendor Advisory sun.com Vendor Advisory redhat.com Vendor Advisory openpkg.org Vendor Advisory hp.com Vendor Advisory securityfocus.com Vendor Advisory marc.info Vendor Advisory sun.com Vendor Advisory gentoo.org Vendor Advisory openbsd.org Vendor Advisory slackware.com Vendor Advisory ubuntu.com Vendor Advisory novell.com Vendor Advisory sun.com Vendor Advisory mandriva.com Vendor Advisory sun.com Vendor Advisory debian.org Vendor Advisory mandriva.com Vendor Advisory redhat.com Vendor Advisory sun.com Vendor Advisory apple.com Vendor Advisory sun.com Vendor Advisory novell.com Vendor Advisory sgi.com Vendor Advisory gentoo.org Vendor Advisory debian.org Vendor Advisory sun.com Vendor Advisory redhat.com Vendor Advisory hp.com Vendor Advisory sun.com Vendor Advisory apple.com Vendor Advisory redhat.com Vendor Advisory sun.com Vendor Advisory freebsd.org Vendor Advisory openpkg.com Vendor Advisory mandriva.com Vendor Advisory cisco.com Vendor Advisory sun.com Vendor Advisory novell.com Vendor Advisory slackware.com Vendor Advisory gentoo.org Vendor Advisory cisco.com Vendor Advisory sun.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory openssl.org
Affected: n/a n/a
Published at:
Updated at:

References

Link Tags
http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
http://www.vupen.com/english/advisories/2006/4750 vdb entry
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495 vendor advisory
http://www.vupen.com/english/advisories/2006/3453 vdb entry
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
http://secunia.com/advisories/23915 third party advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1 vendor advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 vendor advisory
http://jvn.jp/en/jp/JVN51615542/index.html third party advisory
http://docs.info.apple.com/article.html?artnum=307177
http://secunia.com/advisories/60799 third party advisory
http://www.osvdb.org/28549 vdb entry
http://www.vupen.com/english/advisories/2006/4366 vdb entry
http://secunia.com/advisories/22932 third party advisory
http://www.vupen.com/english/advisories/2006/3748 vdb entry
http://secunia.com/advisories/21791 third party advisory vendor advisory
http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml vendor advisory
http://secunia.com/advisories/26893 third party advisory
http://www.openssl.org/news/secadv_20060905.txt patch vendor advisory
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://secunia.com/advisories/22509 third party advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:207 vendor advisory
http://www.redhat.com/support/errata/RHSA-2006-0661.html vendor advisory
http://www.novell.com/linux/security/advisories/2006_61_opera.html vendor advisory
http://secunia.com/advisories/21930 third party advisory vendor advisory
http://secunia.com/advisories/22940 third party advisory
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144 vendor advisory
http://secunia.com/advisories/21852 third party advisory vendor advisory
http://dev2dev.bea.com/pub/advisory/238 vendor advisory
http://secunia.com/advisories/21823 third party advisory vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 vendor advisory
http://secunia.com/advisories/22758 third party advisory
http://secunia.com/advisories/22938 third party advisory
http://www.vupen.com/english/advisories/2006/3899 vdb entry
http://secunia.com/advisories/22044 third party advisory
http://www.vupen.com/english/advisories/2007/1945 vdb entry
http://www.redhat.com/support/errata/RHSA-2007-0062.html vendor advisory
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html vendor advisory
http://www.vupen.com/english/advisories/2006/4206 vdb entry
http://www.vupen.com/english/advisories/2006/3730 vdb entry
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 vendor advisory
http://secunia.com/advisories/21812 third party advisory vendor advisory
http://secunia.com/advisories/22523 third party advisory
http://www.securityfocus.com/archive/1/450327/100/0/threaded vendor advisory
http://secunia.com/advisories/22689 third party advisory
http://docs.info.apple.com/article.html?artnum=304829
http://secunia.com/advisories/23794 third party advisory
http://marc.info/?l=bugtraq&m=130497311408250&w=2 vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1 vendor advisory
http://security.gentoo.org/glsa/glsa-200609-05.xml vendor advisory
http://secunia.com/advisories/22711 third party advisory
http://www.securityfocus.com/archive/1/445231/100/0/threaded mailing list
http://secunia.com/advisories/23680 third party advisory
http://openvpn.net/changelog.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.openbsd.org/errata.html vendor advisory
http://secunia.com/advisories/22733 third party advisory
https://issues.rpath.com/browse/RPL-1633
http://secunia.com/advisories/22949 third party advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955 vendor advisory
http://www.ubuntu.com/usn/usn-339-1 patch vendor advisory
http://www.vupen.com/english/advisories/2006/3566 vdb entry
http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf
http://www.novell.com/linux/security/advisories/2006_26_sr.html vendor advisory
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1 vendor advisory
http://secunia.com/advisories/22446 third party advisory
http://secunia.com/advisories/22939 third party advisory
http://secunia.com/advisories/24099 third party advisory
http://www.securityfocus.com/archive/1/445822/100/0/threaded mailing list
http://secunia.com/advisories/25284 third party advisory
http://www.securityfocus.com/bid/22083 vdb entry
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178 vendor advisory
http://securitytracker.com/id?1016791 vdb entry
http://secunia.com/advisories/25649 third party advisory
http://www.vupen.com/english/advisories/2010/0366 vdb entry
http://secunia.com/advisories/22671 third party advisory
http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html mailing list
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1 vendor advisory
http://secunia.com/advisories/21785 third party advisory vendor advisory
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://secunia.com/advisories/31492 third party advisory
http://www.vupen.com/english/advisories/2006/4329 vdb entry
http://www.us.debian.org/security/2006/dsa-1173 patch vendor advisory
http://secunia.com/advisories/38567 third party advisory
http://secunia.com/advisories/22284 third party advisory
http://secunia.com/advisories/24930 third party advisory
http://www.vupen.com/english/advisories/2006/4327 vdb entry
http://www.mandriva.com/security/advisories?name=MDKSA-2006:161 vendor advisory
http://secunia.com/advisories/21778 third party advisory vendor advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1 vendor advisory
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html vendor advisory
http://www.vupen.com/english/advisories/2007/2163 vdb entry
http://secunia.com/advisories/26329 third party advisory
http://secunia.com/advisories/22260 third party advisory vendor advisory
https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html
http://www.vupen.com/english/advisories/2007/0343 vdb entry
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1 vendor advisory
http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html vendor advisory
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc vendor advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://secunia.com/advisories/21982 third party advisory vendor advisory
http://support.attachmate.com/techdocs/2137.html
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
https://issues.rpath.com/browse/RPL-616
http://support.attachmate.com/techdocs/2127.html
http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml vendor advisory
http://www.debian.org/security/2006/dsa-1174 patch vendor advisory
http://secunia.com/advisories/23155 third party advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1 vendor advisory
http://www.openoffice.org/security/cves/CVE-2006-4339.html
http://secunia.com/advisories/22799 third party advisory
http://www.vupen.com/english/advisories/2006/4207 vdb entry
http://www.vupen.com/english/advisories/2006/4417 vdb entry
http://www.sybase.com/detail?id=1047991
http://secunia.com/advisories/21873 third party advisory vendor advisory
http://www.redhat.com/support/errata/RHSA-2007-0072.html vendor advisory
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html third party advisory
http://www.serv-u.com/releasenotes/
http://www.vupen.com/english/advisories/2006/4744 vdb entry
http://secunia.com/advisories/38568 third party advisory
http://secunia.com/advisories/21846 third party advisory vendor advisory
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
http://www.vupen.com/english/advisories/2007/0254 vdb entry
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 vendor advisory
http://www.vupen.com/english/advisories/2007/4224 vdb entry
http://secunia.com/advisories/22161 third party advisory vendor advisory
http://marc.info/?l=bind-announce&m=116253119512445&w=2 mailing list
http://secunia.com/advisories/22937 third party advisory
http://secunia.com/advisories/22325 third party advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 vendor advisory
http://www.vupen.com/english/advisories/2007/2315 vdb entry
http://www.opera.com/support/search/supsearch.dml?index=845
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html vendor advisory
http://secunia.com/advisories/21767 third party advisory vendor advisory
http://www.vupen.com/english/advisories/2007/1815 vdb entry
http://secunia.com/advisories/22232 third party advisory vendor advisory
http://www.us-cert.gov/cas/techalerts/TA06-333A.html third party advisory us government resource
http://secunia.com/advisories/21906 third party advisory vendor advisory
http://www.securityfocus.com/archive/1/489739/100/0/threaded mailing list
http://lists.vmware.com/pipermail/security-announce/2008/000008.html mailing list
http://secunia.com/advisories/22934 third party advisory
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.redhat.com/support/errata/RHSA-2007-0073.html vendor advisory
http://secunia.com/advisories/22585 third party advisory
http://secunia.com/advisories/25399 third party advisory
http://www.vupen.com/english/advisories/2008/0905/references vdb entry
http://www.vupen.com/english/advisories/2007/1401 vdb entry
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1 vendor advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28755 vdb entry
http://secunia.com/advisories/22513 third party advisory
http://secunia.com/advisories/41818 third party advisory
http://support.attachmate.com/techdocs/2128.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656 vdb entry signature
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://secunia.com/advisories/21776 third party advisory vendor advisory
http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc vendor advisory
http://secunia.com/advisories/23455 third party advisory
http://www.securityfocus.com/archive/1/456546/100/200/threaded mailing list
http://secunia.com/advisories/28115 third party advisory
http://secunia.com/advisories/22226 third party advisory vendor advisory
http://www.vupen.com/english/advisories/2006/3936 vdb entry
http://secunia.com/advisories/22066 third party advisory
http://secunia.com/advisories/22936 third party advisory
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html vendor advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177 vendor advisory
http://secunia.com/advisories/22545 third party advisory
http://securitytracker.com/id?1017522 vdb entry
http://secunia.com/advisories/22948 third party advisory
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html vendor advisory
http://secunia.com/advisories/23841 third party advisory
http://www.vupen.com/english/advisories/2006/4205 vdb entry
http://www.vupen.com/english/advisories/2007/2783 vdb entry
http://secunia.com/advisories/22259 third party advisory vendor advisory
http://secunia.com/advisories/22036 third party advisory vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1 vendor advisory
http://www.vupen.com/english/advisories/2006/4586 vdb entry
http://secunia.com/advisories/21927 third party advisory vendor advisory
http://www.novell.com/linux/security/advisories/2006_55_ssl.html vendor advisory
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
http://www.vupen.com/english/advisories/2006/5146 vdb entry
http://secunia.com/advisories/21870 third party advisory vendor advisory
http://www.vupen.com/english/advisories/2006/4216 vdb entry
http://www.vupen.com/english/advisories/2006/3793 vdb entry
http://www.securityfocus.com/bid/28276 vdb entry
http://secunia.com/advisories/21709 third party advisory patch vendor advisory
http://www.kb.cert.org/vuls/id/845620 third party advisory us government resource
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306 vendor advisory
http://security.gentoo.org/glsa/glsa-200609-18.xml vendor advisory
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml vendor advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1 vendor advisory
http://secunia.com/advisories/24950 third party advisory
http://www.securityfocus.com/bid/19849 vdb entry patch

Frequently Asked Questions

What is the severity of CVE-2006-4339?
CVE-2006-4339 has been scored as a medium severity vulnerability.
How to fix CVE-2006-4339?
To fix CVE-2006-4339, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-4339 being actively exploited in the wild?
It is possible that CVE-2006-4339 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~4% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.