drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Zertifikaten in openssl
Name: |
Mangelnde Prüfung von Zertifikaten in openssl |
|
ID: |
TLSA-2006-29 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 8 Server, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Di, 26. September 2006, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 |
|
Applikationen: |
OpenSSL |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2006-29 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 25 Sep 2006 Last revised: 25 Sep 2006
Package: openssl
Summary: Multiple RSA implementations fail
More information: The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
Multiple RSA implementations fail to properly handle RSA signatures.
Impact: This vulnerability may allow an attacker to forge RSA signatures.
Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 7 Server
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
openssl-0.9.7d-8.src.rpm 2894646 11123268b7bf28d0267beb093c4622a0 openssl-compat-0.9.6m-9.src.rpm 2274196 e5df0088529c7e785b8e32e18bd43d3a
Binary Packages Size: MD5
openssl-0.9.7d-8.i586.rpm 1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4 openssl-compat-0.9.6m-9.i586.rpm 755984 d86bc1be35ec566c4667e489c3480a58 openssl-devel-0.9.7d-8.i586.rpm 1481081 8a44952185f35bc408bb8176c0efba32
<Turbolinux FUJI>
Source Packages Size: MD5
openssl-0.9.8-7.src.rpm 3344248 e8c8039409b9b3853420d9e8e8970ad8 openssl-compat-0.9.7d-8.src.rpm 2894595 44dcb312de9c81c7dd076ded48513124 openssl096-0.9.6m-2.src.rpm 2274791 ccadbcc487b1e1e3f1e0c306b6467b8a
Binary Packages Size: MD5
openssl-0.9.8-7.i686.rpm 1738385 1ff4c80d9ab1cb3fbf690d409065409d openssl-compat-0.9.7d-8.i686.rpm 1056442 2f6453479436ec349863c73e261b43f3 openssl-devel-0.9.8-7.i686.rpm 1924275 5e5033a8f064b81396b5b95a1deae1fe openssl096-0.9.6m-2.i686.rpm 881205 ea34856977c7aac8e72e665d6fe1991d
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
openssl-0.9.7d-8.src.rpm 2894646 9977e9026a24df1d7dab08995d0e4ab9 openssl-compat-0.9.6m-9.src.rpm 2274196 3b059d176d044a21daa33649d64b2faa
Binary Packages Size: MD5
openssl-0.9.7d-8.x86_64.rpm 1410739 2599c207d81e0820581cc13f4f449543 openssl-compat-0.9.6m-9.x86_64.rpm 850020 8960bebf8a95ad5f12ca4add2d851c72 openssl-devel-0.9.7d-8.x86_64.rpm 1546788 5b85cb78c3a5d3219bda53d5d8b6fd99
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
openssl-0.9.6m-6.src.rpm 2363174 e13928ca96553bf0ec1b6bc1e919ae3d
Binary Packages Size: MD5
openssl-0.9.6m-6.i586.rpm 1445180 619f2009b189e01954d97b0ab1450b4c openssl-devel-0.9.6m-6.i586.rpm 1159098 50467d8488a84cc576730bb6c627ee85
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
openssl-0.9.6m-6.src.rpm 2363174 aa0ad99a5de2b21fdc21281d0eff6c2a
Binary Packages Size: MD5
openssl-0.9.6m-6.i586.rpm 1445379 ed3cd7b0c4dda4514dfaf9f6d16b0347 openssl-devel-0.9.6m-6.i586.rpm 1158782 fdfd39d96734d73449d66e007af7607e
<Turbolinux 10 Server>
Source Packages Size: MD5
openssl-0.9.7d-8.src.rpm 2894646 11123268b7bf28d0267beb093c4622a0 openssl-compat-0.9.6m-9.src.rpm 2274196 e5df0088529c7e785b8e32e18bd43d3a
Binary Packages Size: MD5
openssl-0.9.7d-8.i586.rpm 1300626 a9d6ef6faebc2ef3dfd239dfe2c6fac4 openssl-compat-0.9.6m-9.i586.rpm 755984 d86bc1be35ec566c4667e489c3480a58 openssl-devel-0.9.7d-8.i586.rpm 1481081 8a44952185f35bc408bb8176c0efba32
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
openssl-0.9.7d-8.src.rpm 2894646 bf78baf4dee5b9a5d232b0b3ccd57941 openssl-compat-0.9.6m-9.src.rpm 2274196 10694fc13657f481fec2ce099b514ce6
Binary Packages Size: MD5
openssl-0.9.7d-8.i586.rpm 1303637 e383f61f085d1b81b9b3691cf9aa499b openssl-compat-0.9.6m-9.i586.rpm 755256 3cf38a9800394c4d153a59ded67c2c63 openssl-devel-0.9.7d-8.i586.rpm 1482484 2862f7f47b8b206217e849f5b946ebd6
<Turbolinux 8 Server>
Source Packages Size: MD5
openssl-0.9.6m-6.src.rpm 2363174 459499a18120e7c4a9cf51c6c78dac20
Binary Packages Size: MD5
openssl-0.9.6m-6.i586.rpm 1445757 ce5da0ddb59dc595de18dad28913051c openssl-devel-0.9.6m-6.i586.rpm 1158634 10f274c39c9d777a5d3df09b6eb0bca2
<Turbolinux 7 Server>
Source Packages Size: MD5
openssl-0.9.6m-6.src.rpm 2363174 186038bfea197edc748ccc802d020799
Binary Packages Size: MD5
openssl-0.9.6m-6.i586.rpm 1413429 8da5eefc42d19ce95490526c9e4c4a05 openssl-devel-0.9.6m-6.i586.rpm 1140635 8913133f83d220904965e9de98f0a73f
CVE [CVE-2006-4339] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
-------------------------------------------------------------------------- Revision History 25 Sep 2006 Initial release --------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFFF9oiK0LzjOqIJMwRAnbtAJ9u4lwUjH4bG1pkQaSq8kSHK/WwaACfVpD6 Za+0ojUvBbPQN/gs3umZL1c= =3uvk -----END PGP SIGNATURE-----
|
|
|
|