Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

OpenSSL RSA Signature Forgery Vulnerability

Cisco-SA-20060905-CVE-2007-5810 · Medium · Published · Updated

OpenSSL versions 0.9.7j and prior and 0.9.8b and prior contain a vulnerability that could allow an unauthenticated, remote attacker to successfully pass a forged X.509 certificate. The vulnerability could allow an unauthenticated, remote attacker to pass a forged Public-Key Cryptography Standards (PKCS)#1 Version 1.5 signature when signed by a certain type of RSA key.  An attacker could exploit the vulnerability to access certificate-protected resources. OpenSSL confirmed the vulnerability in a security advisory and released updated versions. This vulnerability affects PKCS #1 v1.5 signatures if the exponent of the public key is 3, which is widely used by Certificate Authorities.  An attacker will likely exploit this vulnerability to forge signatures without the secret key.  PKCS #1 v1.5 is often utilized within X.509 certificates; therefore, all applications that use OpenSSL to verify X.509 certificates may be vulnerable, including software that uses OpenSSL for SSL or TLS.

Cisco advisory · CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to utilize certificates as part of a two-factor authentication system.

Administrators may consider restricting access to certificate-protected resources to trusted users through the use of a VPN or other remote access technology that is not affected.

Administrators running ISC BIND using DNSSEC are advised to apply the available software updates, generate new RSA-SHA1 and RSA-MD5 keys for all old keys, and perform a key rollover to the new keys.

CVEsCVE-2006-4339, CVE-2007-5810
Cisco Bug IDsNA
CVSS ScoreBase 6.4
Base 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco Application and Content Networking System (ACNS) Software, Cisco Content Services Switch (CSS), Cisco Intrusion Detection System (IDS), Cisco Prime Access Registrar, Cisco GSS Global Site Selector, Cisco SIP Proxy Server, CiscoWorks Common Services (CS), CiscoWorks Common Management Foundation (CMF), Cisco MDS SAN-OS Software, Cisco Security Agent, Cisco ONS 15454 System Software, Cisco PIX/ASA, Cisco Security Monitoring, Analysis, and Response System (MARS), Cisco Unified Presence Server, Cisco Wide Area File Services (WAFS), Cisco Wide Area Application Services (WAAS), Cisco Unified Communications Manager, Cisco Wireless LAN Controller (WLC) 4.0.196, Cisco Wireless LAN Controller (WLC)

Related Products

Product CVE Evidence
CiscoWorks Common Services (CS) CVE-2006-4339 Cisco OpenVuln
CiscoWorks Common Services (CS) CVE-2007-5810 Cisco OpenVuln
CiscoWorks Common Management Foundation (CMF) CVE-2006-4339 Cisco OpenVuln
CiscoWorks Common Management Foundation (CMF) CVE-2007-5810 Cisco OpenVuln
Cisco Wireless LAN Controller (WLC) CVE-2006-4339 Cisco OpenVuln
Cisco Wireless LAN Controller (WLC) CVE-2007-5810 Cisco OpenVuln
Cisco Wide Area File Services (WAFS) CVE-2006-4339 Cisco OpenVuln
Cisco Wide Area File Services (WAFS) CVE-2007-5810 Cisco OpenVuln
Cisco Wide Area Application Services (WAAS) CVE-2006-4339 Cisco OpenVuln
Cisco Wide Area Application Services (WAAS) CVE-2007-5810 Cisco OpenVuln
Cisco Unified Presence Server CVE-2006-4339 Cisco OpenVuln
Cisco Unified Presence Server CVE-2007-5810 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2006-4339 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2007-5810 Cisco OpenVuln
Cisco Security Monitoring, Analysis, and Response System (MARS) CVE-2006-4339 Cisco OpenVuln
Cisco Security Monitoring, Analysis, and Response System (MARS) CVE-2007-5810 Cisco OpenVuln
Cisco Security Agent CVE-2006-4339 Cisco OpenVuln
Cisco Security Agent CVE-2007-5810 Cisco OpenVuln
Cisco SIP Proxy Server CVE-2006-4339 Cisco OpenVuln
Cisco SIP Proxy Server CVE-2007-5810 Cisco OpenVuln
Cisco Prime Access Registrar CVE-2006-4339 Cisco OpenVuln
Cisco Prime Access Registrar CVE-2007-5810 Cisco OpenVuln
Cisco PIX/ASA CVE-2006-4339 Cisco OpenVuln
Cisco PIX/ASA CVE-2007-5810 Cisco OpenVuln
Cisco ONS 15454 System Software CVE-2006-4339 Cisco OpenVuln
Cisco ONS 15454 System Software CVE-2007-5810 Cisco OpenVuln
Cisco MDS SAN-OS Software CVE-2006-4339 Cisco OpenVuln
Cisco MDS SAN-OS Software CVE-2007-5810 Cisco OpenVuln
Cisco Intrusion Detection System (IDS) CVE-2006-4339 Cisco OpenVuln
Cisco Intrusion Detection System (IDS) CVE-2007-5810 Cisco OpenVuln
Cisco GSS Global Site Selector CVE-2006-4339 Cisco OpenVuln
Cisco GSS Global Site Selector CVE-2007-5810 Cisco OpenVuln
Cisco Content Services Switch (CSS) CVE-2006-4339 Cisco OpenVuln
Cisco Content Services Switch (CSS) CVE-2007-5810 Cisco OpenVuln
Cisco Application and Content Networking System (ACNS) Software CVE-2006-4339 Cisco OpenVuln
Cisco Application and Content Networking System (ACNS) Software CVE-2007-5810 Cisco OpenVuln
Application and Content Networking System (ACNS) Software CVE-2006-4339 Cisco OpenVuln
Application and Content Networking System (ACNS) Software CVE-2007-5810 Cisco OpenVuln