{
  "threat_severity" : "Critical",
  "public_date" : "2006-09-05T17:00:00Z",
  "cvss3" : {
    "cvss3_base_score" : "9.1",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-347",
  "details" : [ "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.", "A flaw was found in OpenSSL's RSA signature verification (CWE-347). When verifying a PKCS #1 v1.5 signature against an RSA public key whose public exponent is 3, OpenSSL strips the PKCS #1 padding but does not fully validate the structure of the decoded signature before comparing the embedded hash. Because the exponent is 3, a remote attacker can construct a value that decodes to an acceptable hash without knowing the private key, and so forge signatures under that key. OpenSSL may therefore accept forged X.509 certificates and other PKCS #1 signed data, bypassing trust and authentication mechanisms. The defect is on the verifier side: every client or server that validates signatures with an affected OpenSSL must be updated, and replacing exponent-3 keys only helps if no trusted CA, intermediate or peer key in the verification chain still uses exponent 3." ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "shim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "shim-unsigned-aarch64",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "shim-unsigned-x64",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "ovmf",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "compat-openssl10",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "mingw-openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "shim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "shim-unsigned-x64",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "compat-openssl11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "edk2",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "shim",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "shim-unsigned-aarch64",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "shim-unsigned-x64",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat JBoss Core Services",
    "fix_state" : "Not affected",
    "package_name" : "openssl",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "rhcos",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2006-4339\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-4339\nhttp://dev2dev.bea.com/pub/advisory/238\nhttp://docs.info.apple.com/article.html?artnum=304829\nhttp://docs.info.apple.com/article.html?artnum=307177\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495\nhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771\nhttp://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540\nhttp://jvn.jp/en/jp/JVN51615542/index.html\nhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000079.html\nhttp://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html\nhttp://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html\nhttp://lists.vmware.com/pipermail/security-announce/2008/000008.html\nhttp://marc.info/?l=bind-announce&m=116253119512445&w=2\nhttp://marc.info/?l=bugtraq&m=130497311408250&w=2\nhttp://openvpn.net/changelog.html\nhttp://secunia.com/advisories/21709\nhttp://secunia.com/advisories/21767\nhttp://secunia.com/advisories/21776\nhttp://secunia.com/advisories/21778\nhttp://secunia.com/advisories/21785\nhttp://secunia.com/advisories/21791\nhttp://secunia.com/advisories/21812\nhttp://secunia.com/advisories/21823\nhttp://secunia.com/advisories/21846\nhttp://secunia.com/advisories/21852\nhttp://secunia.com/advisories/21870\nhttp://secunia.com/advisories/21873\nhttp://secunia.com/advisories/21906\nhttp://secunia.com/advisories/21927\nhttp://secunia.com/advisories/21930\nhttp://secunia.com/advisories/21982\nhttp://secunia.com/advisories/22036\nhttp://secunia.com/advisories/22044\nhttp://secunia.com/advisories/22066\nhttp://secunia.com/advisories/22161\nhttp://secunia.com/advisories/22226\nhttp://secunia.com/advisories/22232\nhttp://secunia.com/advisories/22259\nhttp://secunia.com/advisories/22260\nhttp://secunia.com/advisories/22284\nhttp://secunia.com/advisories/22325\nhttp://secunia.com/advisories/22446\nhttp://secunia.com/advisorie
s/22509\nhttp://secunia.com/advisories/22513\nhttp://secunia.com/advisories/22523\nhttp://secunia.com/advisories/22545\nhttp://secunia.com/advisories/22585\nhttp://secunia.com/advisories/22671\nhttp://secunia.com/advisories/22689\nhttp://secunia.com/advisories/22711\nhttp://secunia.com/advisories/22733\nhttp://secunia.com/advisories/22758\nhttp://secunia.com/advisories/22799\nhttp://secunia.com/advisories/22932\nhttp://secunia.com/advisories/22934\nhttp://secunia.com/advisories/22936\nhttp://secunia.com/advisories/22937\nhttp://secunia.com/advisories/22938\nhttp://secunia.com/advisories/22939\nhttp://secunia.com/advisories/22940\nhttp://secunia.com/advisories/22948\nhttp://secunia.com/advisories/22949\nhttp://secunia.com/advisories/23155\nhttp://secunia.com/advisories/23455\nhttp://secunia.com/advisories/23680\nhttp://secunia.com/advisories/23794\nhttp://secunia.com/advisories/23841\nhttp://secunia.com/advisories/23915\nhttp://secunia.com/advisories/24099\nhttp://secunia.com/advisories/24930\nhttp://secunia.com/advisories/24950\nhttp://secunia.com/advisories/25284\nhttp://secunia.com/advisories/25399\nhttp://secunia.com/advisories/25649\nhttp://secunia.com/advisories/26329\nhttp://secunia.com/advisories/26893\nhttp://secunia.com/advisories/28115\nhttp://secunia.com/advisories/31492\nhttp://secunia.com/advisories/38567\nhttp://secunia.com/advisories/38568\nhttp://secunia.com/advisories/41818\nhttp://secunia.com/advisories/60799\nhttp://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc\nhttp://security.gentoo.org/glsa/glsa-200609-05.xml\nhttp://security.gentoo.org/glsa/glsa-200609-18.xml\nhttp://securitytracker.com/id?1016791\nhttp://securitytracker.com/id?1017522\nhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.566955\nhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.605306\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\nhttp://sunsolve.sun.com/search/doc
ument.do?assetkey=1-26-102656-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1\nhttp://support.attachmate.com/techdocs/2127.html\nhttp://support.attachmate.com/techdocs/2128.html\nhttp://support.attachmate.com/techdocs/2137.html\nhttp://support.avaya.com/elmodocs2/security/ASA-2006-188.htm\nhttp://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf\nhttp://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html\nhttp://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html\nhttp://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml\nhttp://www.debian.org/security/2006/dsa-1174\nhttp://www.gentoo.org/security/en/glsa/glsa-200610-06.xml\nhttp://www.gentoo.org/security/en/glsa/glsa-201408-19.xml\nhttp://www.imc.org/ietf-openpgp/mail-archive/msg14307.html\nhttp://www.kb.cert.org/vuls/id/845620\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:161\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:177\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:178\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:207\nhttp://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/\nhttp://www.novell.com/linux/security/advisories/2006_26_sr.html\nhttp://www.novell.com/linux/security/advisories/2006_55_ssl.ht
ml\nhttp://www.novell.com/linux/security/advisories/2006_61_opera.html\nhttp://www.novell.com/linux/security/advisories/2007_10_ibmjava.html\nhttp://www.openbsd.org/errata.html\nhttp://www.openoffice.org/security/cves/CVE-2006-4339.html\nhttp://www.openpkg.com/security/advisories/OpenPKG-SA-2006.018.html\nhttp://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html\nhttp://www.openssl.org/news/secadv_20060905.txt\nhttp://www.opera.com/support/search/supsearch.dml?index=845\nhttp://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html\nhttp://www.osvdb.org/28549\nhttp://www.redhat.com/support/errata/RHSA-2006-0661.html\nhttp://www.redhat.com/support/errata/RHSA-2007-0062.html\nhttp://www.redhat.com/support/errata/RHSA-2007-0072.html\nhttp://www.redhat.com/support/errata/RHSA-2007-0073.html\nhttp://www.redhat.com/support/errata/RHSA-2008-0629.html\nhttp://www.securityfocus.com/archive/1/445231/100/0/threaded\nhttp://www.securityfocus.com/archive/1/445822/100/0/threaded\nhttp://www.securityfocus.com/archive/1/450327/100/0/threaded\nhttp://www.securityfocus.com/archive/1/456546/100/200/threaded\nhttp://www.securityfocus.com/archive/1/489739/100/0/threaded\nhttp://www.securityfocus.com/bid/19849\nhttp://www.securityfocus.com/bid/22083\nhttp://www.securityfocus.com/bid/28276\nhttp://www.serv-u.com/releasenotes/\nhttp://www.sybase.com/detail?id=1047991\nhttp://www.ubuntu.com/usn/usn-339-1\nhttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\nhttp://www.us.debian.org/security/2006/dsa-1173\nhttp://www.vmware.com/security/advisories/VMSA-2008-0005.html\nhttp://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\nhttp://www.vmware.com/support/player/doc/releasenotes_player.html\nhttp://
www.vmware.com/support/player2/doc/releasenotes_player2.html\nhttp://www.vmware.com/support/server/doc/releasenotes_server.html\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nhttp://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\nhttp://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\nhttp://www.vupen.com/english/advisories/2006/3453\nhttp://www.vupen.com/english/advisories/2006/3566\nhttp://www.vupen.com/english/advisories/2006/3730\nhttp://www.vupen.com/english/advisories/2006/3748\nhttp://www.vupen.com/english/advisories/2006/3793\nhttp://www.vupen.com/english/advisories/2006/3899\nhttp://www.vupen.com/english/advisories/2006/3936\nhttp://www.vupen.com/english/advisories/2006/4205\nhttp://www.vupen.com/english/advisories/2006/4206\nhttp://www.vupen.com/english/advisories/2006/4207\nhttp://www.vupen.com/english/advisories/2006/4216\nhttp://www.vupen.com/english/advisories/2006/4327\nhttp://www.vupen.com/english/advisories/2006/4329\nhttp://www.vupen.com/english/advisories/2006/4366\nhttp://www.vupen.com/english/advisories/2006/4417\nhttp://www.vupen.com/english/advisories/2006/4586\nhttp://www.vupen.com/english/advisories/2006/4744\nhttp://www.vupen.com/english/advisories/2006/4750\nhttp://www.vupen.com/english/advisories/2006/5146\nhttp://www.vupen.com/english/advisories/2007/0254\nhttp://www.vupen.com/english/advisories/2007/0343\nhttp://www.vupen.com/english/advisories/2007/1401\nhttp://www.vupen.com/english/advisories/2007/1815\nhttp://www.vupen.com/english/advisories/2007/1945\nhttp://www.vupen.com/english/advisories/2007/2163\nhttp://www.vupen.com/english/advisories/2007/2315\nhttp://www.vupen.com/english/advisories/2007/2783\nhttp://www.vupen.com/english/advisories/2007/4224\nhttp://www.vupen.com/english/advisories/2008/0905/references\nhttp://www.vupen.com/english/advisories/2010/0366\nhttp://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742\nhttp://www14.so
ftware.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117\nhttps://exchange.xforce.ibmcloud.com/vulnerabilities/28755\nhttps://issues.rpath.com/browse/RPL-1633\nhttps://issues.rpath.com/browse/RPL-616\nhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11656\nhttps://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html\nhttps://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" ],
  "name" : "CVE-2006-4339",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}