Joined: 12 May 2004
|Posted: Tue Sep 26, 2006 5:26 pm Post subject: [ GLSA 200609-15 ] GnuTLS: RSA Signature Forgery
|Gentoo Linux Security Advisory
Title: GnuTLS: RSA Signature Forgery (GLSA 200609-15)
Date: September 26, 2006
GnuTLS fails to handle excess data which could allow an attacker to forge a
PKCS #1 v1.5 signature.
GnuTLS is an implementation of SSL 3.0 and TLS 1.0.
Vulnerable: < 1.4.4
Unaffected: >= 1.4.4
Architectures: All supported architectures
verify.c fails to properly handle excess data in
digestAlgorithm.parameters field while generating a hash when using an
RSA key with exponent 3. RSA keys that use exponent 3 are commonplace.
Remote attackers could forge PKCS #1 v1.5 signatures that are signed
with an RSA key, preventing GnuTLS from correctly verifying X.509 and
other certificates that use PKCS.
There is no known workaround at this time.
All GnuTLS users should update both packages:
|# emerge --sync
# emerge --update --ask --verbose ">=net-libs/gnutls-1.4.4"
Last edited by GLSA on Wed Dec 08, 2010 4:22 am; edited 2 times in total