Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

gnutls11, gnutls12 vulnerability

Related Vulnerabilities: CVE-2006-4790  

The GnuTLS library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key.

The problem can be corrected by updating your system to the following package versions:

Source

19 September 2006

gnutls11, gnutls12 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 6.06 LTS
  • Ubuntu 5.10
  • Ubuntu 5.04

Software Description

Details

The GnuTLS library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.06 LTS
libgnutls11 - 1.0.16-14ubuntu1.1
libgnutls12 - 1.2.9-2ubuntu1.1
Ubuntu 5.10
libgnutls11 - 1.0.16-13.1ubuntu1.2
Ubuntu 5.04
libgnutls11 - 1.0.16-13ubuntu0.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started