CVE-2006-4790 — Improper Authentication in Gnutls

CWE-310 CWE-287 — Improper Authentication9 documents6 sources

Severity

5.0MEDIUMNVD

CNA4.3

EPSS

6.8%

top 8.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Gnutls

Timeline

PublishedSep 14

Latest updateMay 1

Description

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDgnu/gnutls40 versions+39

Patches

Patch: www.gnu.org ↗Patch: www.redhat.com ↗Patch: www.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-fjc3-r8f9-57p5: verify↗2022-05-01

▶

CVEList

CVE-2006-4790: verify↗2006-09-14

▶

📋Vendor Advisories

Red Hat

strongswan: authentication bypass in verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c↗2018-09-24

▶

Ubuntu

GnuTLS vulnerability↗2006-09-19

▶

Red Hat

security flaw↗2006-09-08

▶

💬Community

Bugzilla

CVE-2018-16152 strongswan: authentication bypass in verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c↗2018-10-03

▶

Bugzilla

CVE-2006-4790 security flaw↗2018-08-16

▶

Bugzilla

CVE-2006-4790 RSA forgery affects gnutls↗2006-09-14

▶