CVE-2006-3968Solaris vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 30.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Solaris
Timeline
PublishedAug 1
Latest updateMay 1

Description

The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsun/solaris10.0

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-qmxf-pxcp-h7f3: The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature2022-05-01
CVEList
CVE-2006-3968: The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature2006-08-01
CVE-2006-3968 — SUN Solaris vulnerability | cvebase