Vulnerability CVE-2006-4790 - CERT Civis.Net

Vulnerability Name:

CVE-2006-4790 (CCN-28953)

Assigned:

2006-09-08

Published:

2006-09-08

Updated:

2017-10-11

Summary:

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2006-4790

Source: MLIST
Type: UNKNOWN
[gnutls-dev] 20060908 Variant of Bleichenbacher's crypto 06 rump session attack

Source: MLIST
Type: UNKNOWN
[gnutls-dev] 20060912 Re: Variant of Bleichenbacher's crypto 06 rump session attack

Source: CCN
Type: RHSA-2006-0680
gnutls security update

Source: CCN
Type: SA21937
GnuTLS RSA Signature Forgery Vulnerability

Source: SECUNIA
Type: UNKNOWN
21937

Source: SECUNIA
Type: UNKNOWN
21942

Source: SECUNIA
Type: UNKNOWN
21973

Source: SECUNIA
Type: UNKNOWN
22049

Source: SECUNIA
Type: UNKNOWN
22080

Source: SECUNIA
Type: UNKNOWN
22084

Source: SECUNIA
Type: UNKNOWN
22097

Source: CCN
Type: SA22226
Sun Solaris RSA Signature Forgery Vulnerability

Source: SECUNIA
Type: UNKNOWN
22226

Source: CCN
Type: SA22992
Avaya CMS Sun Solaris X Display Manager Security Issue

Source: SECUNIA
Type: UNKNOWN
22992

Source: CCN
Type: SA25762
Sun Solaris GnuTLS RSA Signature Forgery Vulnerability

Source: SECUNIA
Type: UNKNOWN
25762

Source: GENTOO
Type: UNKNOWN
GLSA-200609-15

Source: CCN
Type: SECTRACK ID: 1016844
GnuTLS May Allow Digital Signatures to Be Forged

Source: SECTRACK
Type: UNKNOWN
1016844

Source: SUNALERT
Type: UNKNOWN
102648

Source: CCN
Type: Sun Alert ID: 102970
Security Vulnerability in RSA Signature Verification Affects GnuTLS Library Versions

Source: SUNALERT
Type: UNKNOWN
102970

Source: CCN
Type: ASA-2006-225
gnutls security update (RHSA-2006-0680)

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm

Source: CCN
Type: ASA-2007-282
Security Vulnerability in RSA Signature Verification Affects GnuTLS Library Versions Prior to 1.4.4 (Sun 102970)

Source: DEBIAN
Type: UNKNOWN
DSA-1182

Source: DEBIAN
Type: DSA-1182
gnutls11 -- cryptographic weakness

Source: CCN
Type: GLSA-200609-15
GnuTLS: RSA Signature Forgery

Source: CCN
Type: GNU TLS Library Project Web site
The GNU Transport Layer Security Library

Source: CONFIRM
Type: Patch
http://www.gnu.org/software/gnutls/security.html

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:166

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:023

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:010

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2006:0680

Source: BID
Type: UNKNOWN
20027

Source: CCN
Type: BID-20027
GNUTLS PKCS RSA Signature Forgery Vulnerability

Source: CCN
Type: USN-348-1
GnuTLS vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-348-1

Source: VUPEN
Type: UNKNOWN
ADV-2006-3635

Source: VUPEN
Type: UNKNOWN
ADV-2006-3899

Source: VUPEN
Type: UNKNOWN
ADV-2007-2289

Source: XF
Type: UNKNOWN
gnutls-rsakey-security-bypass(28953)

Source: XF
Type: UNKNOWN
gnutls-rsakey-security-bypass(28953)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9937

Source: SUSE
Type: SUSE-SA:2007:010
IBMJava security update

Source: SUSE
Type: SUSE-SR:2006:023
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42316	P	Security update for p11-kit (Moderate)	2022-07-15
oval:org.opensuse.security:def:20064790	V	CVE-2006-4790	2022-06-30
oval:org.opensuse.security:def:112326	P	gnutls-3.7.2-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31376	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:31336	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:33063	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:26177	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:32215	P	Security update for qemu (Important)	2021-11-10
oval:org.opensuse.security:def:105847	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:31691	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:26138	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:32196	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:31686	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:31265	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:42118	P	Security update for libesmtp (Important)	2021-09-03
oval:org.opensuse.security:def:26114	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:31244	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:32152	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:26089	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:32130	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:26076	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:36139	P	gnutls-2.4.1-24.39.55.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31633	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36451	P	libgnutls-devel-2.4.1-24.39.55.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31636	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:42546	P	gnutls-2.4.1-24.39.55.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31191	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:31180	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:32091	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:31617	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:26038	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:26036	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:31606	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:31605	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:32059	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:33102	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:31743	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:31741	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:32271	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:26204	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:26191	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:31692	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:26030	P	Security update for php72 (Moderate)	2021-01-14
oval:org.opensuse.security:def:31179	P	Security update for dovecot22 (Important)	2021-01-04
oval:org.opensuse.security:def:25980	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:32834	P	Security update for curl (Moderate)	2020-12-18
oval:org.opensuse.security:def:25973	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:35558	P	gnutls-2.4.1-24.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35711	P	gnutls-2.4.1-24.39.33.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41965	P	gnutls-2.4.1-24.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35909	P	gnutls-2.4.1-24.39.45.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:26285	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:26318	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:32381	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:25263	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:31397	P	Security update for perl (Low)	2020-12-01
oval:org.opensuse.security:def:26577	P	kvm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25994	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32873	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25688	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:26406	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:26558	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25338	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31546	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:26873	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25700	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31915	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:32042	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26776	P	libzip1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31027	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25547	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:31802	P	Security update for adns (Important)	2020-12-01
oval:org.opensuse.security:def:25892	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:27449	P	libgnutls-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25109	P	Security update for audit (Moderate)	2020-12-01
oval:org.opensuse.security:def:31112	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25827	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32637	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31388	P	Security update for openwsman (Important)	2020-12-01
oval:org.opensuse.security:def:32425	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:25121	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:26630	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25460	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31594	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26000	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25313	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31830	P	Security update for bind (Critical)	2020-12-01
oval:org.opensuse.security:def:26718	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26711	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25535	P	Security update for audiofile (Low)	2020-12-01
oval:org.opensuse.security:def:31894	P	Security update for fetchmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:27102	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26012	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:25451	P	Security update for gdb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31846	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25744	P	Security update for djvulibre (Low)	2020-12-01
oval:org.opensuse.security:def:25739	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31955	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:32359	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:32523	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25262	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:26426	P	Security update for singularity (Moderate)	2020-12-01
oval:org.opensuse.security:def:26342	P	Security update for openjpeg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26367	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26523	P	apache2-mod_perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25274	P	Security update for djvulibre (Low)	2020-12-01
oval:org.opensuse.security:def:31489	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:26235	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25689	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31823	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:31789	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:26420	P	Security update for phpMyAdmin (Moderate)	2020-12-01
oval:org.opensuse.security:def:31026	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25466	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:31780	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26908	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25764	P	Security update for webkitgtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:31972	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.opensuse.security:def:27414	P	gnucash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31038	P	Security update for kdebase4-workspace (Moderate)	2020-12-01
oval:org.opensuse.security:def:25604	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25788	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:31999	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:31377	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25110	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:26265	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:25841	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32676	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25459	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:31462	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:31480	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25185	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31393	P	Security update for pam_pkcs11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26679	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26676	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25471	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31845	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:26464	P	Security update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:26001	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:25394	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26732	P	kvm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25663	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25686	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:31933	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:27137	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25885	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32320	P	Security update for rzsz (Moderate)	2020-12-01
oval:org.opensuse.security:def:32484	P	PackageKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25801	P	Security update for libvdpau (Moderate)	2020-12-01
oval:org.opensuse.security:def:25941	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.mitre.oval:def:9937	V	verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.	2013-04-29
oval:org.debian:def:1182	V	cryptographic weakness	2006-09-22
oval:com.redhat.rhsa:def:20060680	P	RHSA-2006:0680: gnutls security update (Important)	2006-09-14