CVE-2006-4339 – openssl signature forgery
https://notcve.org/view.php?id=CVE-2006-4339
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. OpenSSL en versiones anteriores a 0.9.7, 0.9.7 en versiones anteriores a 0.9.7k y 0.9.8 en versiones anteriores a 0.9.8c, cuando usa una clave RSA con exponente 3, elimina relleno PKCS-1 antes de generar un hash, lo que permite a atacantes remotos falsificar una firma PKCS #1 v1.5 que está firmada por dicha clave RSA e impide a OpenSSL verificar correctamente los certificados X.509 y otros que utilizan PKCS #1. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://dev2dev.bea.com/pub/advisory/238 http://docs.info.apple.com/article.html?artnum=304829 http://docs.info.apple.com/article.html?artnum=307177 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771 http://itrc.hp.com/service/cki/docDisplay.do? • CWE-310: Cryptographic Issues •
CVE-2005-2969 – openssl mitm downgrade attack
https://notcve.org/view.php?id=CVE-2005-2969
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. • ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers/dir5.10.3_docs_relnotes.pdf http://docs.info.apple.com/article.html?artnum=302847 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://secunia.com/advisories/17146 http://secunia.com/advisories/17151 http://secunia.com/advisories/17153 http://secunia.com/advisories/17169 http:/ •