« Sun Alert 102969... | Main | Sun Alert 102926... »
21 Jun 2007 Sun Alert 102970 Security Vulnerability in RSA Signature Verification Affects GnuTLS Library Versions Prior to 1.4.4
posted by security in Alerts
Product: Solaris 10 Operating System

The GnuTLS library version prior to 1.4.4 is impacted by an RSA signature forgery vulnerability. This vulnerability, which affects applications which make use of the GnuTLS library to verify PKCS#1 signatures, allows a malicious user to make an altered PKCS#1 v1.5 signature appear to be correct thus forging the signature.

This issue is described in the following documents:

The issue described in this Sun Alert is specific to the GnuTLS library. Multiple Sun products are affected by this issue. For more details please see Sun Alert 102648 at:

Note: Evolution uses the GnuTLS library and is impacted by this issue.

Avoidance: Patch
State: Resolved
First released: 21-Jun-2007
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102970-1
Permalink | Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102970_security_vulnerability
Comments:

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

« Sun Alert 102969... | Main | Sun Alert 102926... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« December 2009
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.