CVSS: 4.0EPSS: 1%CPEs: 95EXPL: 0CVE-2006-5201
https://notcve.org/view.php?id=CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. Múltiples paquetes sobre Sun Solaris, incluyendo (1) NSS; (2) Java JDK and JRE 5.0 Update 8 y anteriores, SDK y JRE 1.4.x hasta 1.4.2_12, y SDK y JRE 1.3.x hasta 1.3.1_19; (3) JSSE 1.0.3_03 y anteriores; (4) IPSec/IKE; (5) Secure Global Desktop; y (6) StarOffice, cuando se usa una llave RSA con un exponente 3, elimina el relleno PKCS-1 antes de generar un hash, lo cual permite a un atacante remoto falsificar una firma PKCS #1 v1.5 que esta firmada por una llave RSA y evita que estos productos verifiquen correctamente X.509 y otros certificados que utilicen PKCS #1. • http://secunia.com/advisories/22204 http://secunia.com/advisories/22226 http://secunia.com/advisories/22325 http://secunia.com/advisories/22992 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm http://www.kb.cert.org/vuls/id/845620 http://www.vupen.com/english/advisories/2006/3898 http://www.vupen.com/english/advisories/2006&# •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 0CVE-2006-5075
https://notcve.org/view.php?id=CVE-2006-5075
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client. El servicio Kernel SSL Proxy (svc:/network/ssl/proxy) en Sun Solaris 10 anterior al 26/09/2006 permite a atacantes remotos provocar una denegación de servicio (caída del sistema) a través de vectores no identificados relacionados con un cliente SSL. • http://secunia.com/advisories/22136 http://securitytracker.com/id?1016936 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102563-1 http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm http://www.securityfocus.com/bid/20224 http://www.vupen.com/english/advisories/2006/3792 https://exchange.xforce.ibmcloud.com/vulnerabilities/29185 •
CVSS: 7.8EPSS: 8%CPEs: 3EXPL: 0CVE-2006-5073
https://notcve.org/view.php?id=CVE-2006-5073
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. Vulnerabilidad no especificada en Sun Solaris 8, 9 y 10 permite a atacantes remotos provocar una denegación de servicio (panic) mediante paquetes IPv6 construidos artesanalmente, una vulnerabilidad distinta de CV6-2006-5013. • http://secunia.com/advisories/22132 http://secunia.com/advisories/22581 http://securitytracker.com/id?1016968 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102144-1 http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm http://www.securityfocus.com/bid/20252 http://www.vupen.com/english/advisories/2006/3847 https://exchange.xforce.ibmcloud.com/vulnerabilities/29246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2099 •
CVSS: 7.8EPSS: 8%CPEs: 1EXPL: 0CVE-2006-5013
https://notcve.org/view.php?id=CVE-2006-5013
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets. Sun Solaris 10 anterior al parche 118855-16 (25/09/2006), cuando se ejecuta sober sistemas x64 usando IPv6 permite a un atacante remoto provocar denegación de servicio (kernel panic) a través de paquetes artesanales IPv6. • http://secunia.com/advisories/22103 http://securitytracker.com/id?1016930 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102568-1 http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm http://www.securityfocus.com/bid/20195 http://www.vupen.com/english/advisories/2006/3767 https://exchange.xforce.ibmcloud.com/vulnerabilities/29150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1893 •
CVSS: 6.6EPSS: 0%CPEs: 14EXPL: 0CVE-2006-5012
https://notcve.org/view.php?id=CVE-2006-5012
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors. Vulnerabilidad no especificada en Sun Solaris 8, 9, y 10 anteiror a 25/09/2006, permite a un usuario local provocar una denegación de servicio (deshabilitar el registro del sistema) y evitar que los mensajes de la seguridad sean registrados a trvavés de vectores sin especificar. • http://secunia.com/advisories/22083 http://secunia.com/advisories/22587 http://securitytracker.com/id?1016929 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102510-1 http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm http://www.securityfocus.com/bid/20211 http://www.vupen.com/english/advisories/2006/3768 https://exchange.xforce.ibmcloud.com/vulnerabilities/29149 •