CVE-2006-5201

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-5201
Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:P

Exploitability : 4.9 / Impact : 4.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/22204 Patch Third Party Advisory
http://secunia.com/advisories/22226 Third Party Advisory
http://secunia.com/advisories/22325 Third Party Advisory
http://secunia.com/advisories/22992 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm Third Party Advisory
http://www.kb.cert.org/vuls/id/845620 Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/3898 Permissions Required
http://www.vupen.com/english/advisories/2006/3899 Permissions Required
http://www.vupen.com/english/advisories/2006/3960 Permissions Required
http://secunia.com/advisories/22204 Patch Third Party Advisory
http://secunia.com/advisories/22226 Third Party Advisory
http://secunia.com/advisories/22325 Third Party Advisory
http://secunia.com/advisories/22992 Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm Third Party Advisory
http://www.kb.cert.org/vuls/id/845620 Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2006/3898 Permissions Required
http://www.vupen.com/english/advisories/2006/3899 Permissions Required
http://www.vupen.com/english/advisories/2006/3960 Permissions Required
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sun:nss:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:secure_global_desktop:*:*:*:*:*:*:*:*
cpe:2.3:a:sun:staroffice:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*
cpe:2.3:o:sun:solaris:10.0:*:*:*:*:sparc:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:sun:jsse:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*
cpe:2.3:a:sun:jsse:1.0.3_02:*:*:*:*:*:*:*
cpe:2.3:a:sun:jsse:1.0.3_03:*:*:*:*:*:*:*
History

21 Nov 2024, 00:18

Type Values Removed Values Added
References () http://secunia.com/advisories/22204 - Patch, Third Party Advisory () http://secunia.com/advisories/22204 - Patch, Third Party Advisory
References () http://secunia.com/advisories/22226 - Third Party Advisory () http://secunia.com/advisories/22226 - Third Party Advisory
References () http://secunia.com/advisories/22325 - Third Party Advisory () http://secunia.com/advisories/22325 - Third Party Advisory
References () http://secunia.com/advisories/22992 - Third Party Advisory () http://secunia.com/advisories/22992 - Third Party Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 - Broken Link
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1 - Broken Link
References () http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm - Third Party Advisory () http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm - Third Party Advisory
References () http://www.kb.cert.org/vuls/id/845620 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/845620 - Third Party Advisory, US Government Resource
References () http://www.vupen.com/english/advisories/2006/3898 - Permissions Required () http://www.vupen.com/english/advisories/2006/3898 - Permissions Required
References () http://www.vupen.com/english/advisories/2006/3899 - Permissions Required () http://www.vupen.com/english/advisories/2006/3899 - Permissions Required
References () http://www.vupen.com/english/advisories/2006/3960 - Permissions Required () http://www.vupen.com/english/advisories/2006/3960 - Permissions Required
Information

Published : 2006-10-10 04:06

Updated : 2024-11-21 00:18

NVD link : CVE-2006-5201

Mitre link : CVE-2006-5201

CVE.ORG link : CVE-2006-5201

JSON object : View

Products Affected

sun

  • sdk
  • jdk
  • jsse
  • secure_global_desktop
  • staroffice
  • jre
  • nss
  • sunos
  • solaris
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024