CVE-2006-2940
Detail
Deferred This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Current Description
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
Analysis
Description
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via certain public keys that require extra time to process.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
Vector:
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to nvd@nist.gov .
URL
Source(s)
Tag(s)
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
CVE, Inc., Red Hat
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
CVE, Inc., Red Hat
http://docs.info.apple.com/article.html?artnum=304829
CVE, Inc., Red Hat
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
CVE, Inc., Red Hat
http://issues.rpath.com/browse/RPL-613
CVE, Inc., Red Hat
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
CVE, Inc., Red Hat
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
CVE, Inc., Red Hat
http://kolab.org/security/kolab-vendor-notice-11.txt
CVE, Inc., Red Hat
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
CVE, Inc., Red Hat
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
CVE, Inc., Red Hat
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
CVE, Inc., Red Hat
http://marc.info/?l=bind-announce&m=116253119512445&w=2
CVE, Inc., Red Hat
http://marc.info/?l=bugtraq&m=130497311408250&w=2
CVE, Inc., Red Hat
http://openbsd.org/errata.html#openssl2
CVE, Inc., Red Hat
http://openvpn.net/changelog.html
CVE, Inc., Red Hat
http://secunia.com/advisories/22094
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22116
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22130
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22165
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22166
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22172
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22186
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22193
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22207
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22212
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22216
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22220
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22240
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22259
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22260
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22284
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22298
CVE, Inc., Red Hat
http://secunia.com/advisories/22330
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22385
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22460
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22487
CVE, Inc., Red Hat
http://secunia.com/advisories/22500
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22544
CVE, Inc., Red Hat
Vendor Advisory
http://secunia.com/advisories/22626
CVE, Inc., Red Hat
http://secunia.com/advisories/22671
CVE, Inc., Red Hat
http://secunia.com/advisories/22758
CVE, Inc., Red Hat
http://secunia.com/advisories/22772
CVE, Inc., Red Hat
http://secunia.com/advisories/22799
CVE, Inc., Red Hat
http://secunia.com/advisories/23038
CVE, Inc., Red Hat
http://secunia.com/advisories/23155
CVE, Inc., Red Hat
http://secunia.com/advisories/23280
CVE, Inc., Red Hat
http://secunia.com/advisories/23309
CVE, Inc., Red Hat
http://secunia.com/advisories/23340
CVE, Inc., Red Hat
http://secunia.com/advisories/23351
CVE, Inc., Red Hat
http://secunia.com/advisories/23680
CVE, Inc., Red Hat
http://secunia.com/advisories/23794
CVE, Inc., Red Hat
http://secunia.com/advisories/23915
CVE, Inc., Red Hat
http://secunia.com/advisories/24930
CVE, Inc., Red Hat
http://secunia.com/advisories/24950
CVE, Inc., Red Hat
http://secunia.com/advisories/25889
CVE, Inc., Red Hat
http://secunia.com/advisories/26329
CVE, Inc., Red Hat
http://secunia.com/advisories/26893
CVE, Inc., Red Hat
http://secunia.com/advisories/30124
CVE, Inc., Red Hat
http://secunia.com/advisories/31492
CVE, Inc., Red Hat
http://secunia.com/advisories/31531
CVE, Inc., Red Hat
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
CVE, Inc., Red Hat
http://security.gentoo.org/glsa/glsa-200610-11.xml
CVE, Inc., Red Hat
http://securitytracker.com/id?1016943
CVE, Inc., Red Hat
http://securitytracker.com/id?1017522
CVE, Inc., Red Hat
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
CVE, Inc., Red Hat
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
CVE, Inc., Red Hat
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
CVE, Inc., Red Hat
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
CVE, Inc., Red Hat
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1
CVE, Inc., Red Hat
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
CVE, Inc., Red Hat
http://support.attachmate.com/techdocs/2374.html
CVE, Inc., Red Hat
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
CVE, Inc., Red Hat
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
CVE, Inc., Red Hat
http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf
CVE, Inc., Red Hat
http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf
CVE, Inc., Red Hat
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
CVE, Inc., Red Hat
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
CVE, Inc., Red Hat
http://www.debian.org/security/2006/dsa-1185
CVE, Inc., Red Hat
http://www.debian.org/security/2006/dsa-1195
CVE, Inc., Red Hat
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
CVE, Inc., Red Hat
http://www.novell.com/linux/security/advisories/2006_24_sr.html
CVE, Inc., Red Hat
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
CVE, Inc., Red Hat
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
CVE, Inc., Red Hat
http://www.openssl.org/news/secadv_20060928.txt
CVE, Inc., Red Hat
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
CVE, Inc., Red Hat
http://www.osvdb.org/29261
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2006-0695.html
CVE, Inc., Red Hat
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/447318/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/447393/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/456546/100/200/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/489739/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/20247
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/22083
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/28276
CVE, Inc., Red Hat
http://www.serv-u.com/releasenotes/
CVE, Inc., Red Hat
http://www.trustix.org/errata/2006/0054
CVE, Inc., Red Hat
http://www.ubuntu.com/usn/usn-353-1
CVE, Inc., Red Hat
http://www.ubuntu.com/usn/usn-353-2
CVE, Inc., Red Hat
http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
CVE, Inc., Red Hat
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
CVE, Inc., Red Hat
US Government Resource
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
CVE, Inc., Red Hat
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
CVE, Inc., Red Hat
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/player/doc/releasenotes_player.html
CVE, Inc., Red Hat
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
CVE, Inc., Red Hat
http://www.vmware.com/support/server/doc/releasenotes_server.html
CVE, Inc., Red Hat
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
CVE, Inc., Red Hat
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
CVE, Inc., Red Hat
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/3820
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/3860
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/3869
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/3902
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/3936
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4019
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4036
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4264
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4327
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4329
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4401
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4417
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4750
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2006/4980
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/0343
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/1401
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/2315
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2007/2783
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/0905/references
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2008/2396
CVE, Inc., Red Hat
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
CVE, Inc., Red Hat
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230
CVE, Inc., Red Hat
https://issues.rpath.com/browse/RPL-1633
CVE, Inc., Red Hat
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311
CVE, Inc., Red Hat
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
CVE, Inc., Red Hat
Weakness Enumeration
CWE-ID
CWE Name
Source
CWE-399
Resource Management Errors
NIST
Change History
8 change records found show changes
CVE Modified by CVE 11/20/2024 7:12:26 PM
Action
Type
Old Value
New Value
Added
Reference
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
Added
Reference
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
Added
Reference
http://docs.info.apple.com/article.html?artnum=304829
Added
Reference
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
Added
Reference
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
Added
Reference
http://issues.rpath.com/browse/RPL-613
Added
Reference
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Added
Reference
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
Added
Reference
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Added
Reference
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
Added
Reference
http://kolab.org/security/kolab-vendor-notice-11.txt
Added
Reference
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
Added
Reference
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
Added
Reference
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
Added
Reference
http://marc.info/?l=bind-announce&m=116253119512445&w=2
Added
Reference
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Added
Reference
http://marc.info/?l=bugtraq&m=130497311408250&w=2
Added
Reference
http://openbsd.org/errata.html#openssl2
Added
Reference
http://openvpn.net/changelog.html
Added
Reference
http://secunia.com/advisories/22094
Added
Reference
http://secunia.com/advisories/22116
Added
Reference
http://secunia.com/advisories/22130
Added
Reference
http://secunia.com/advisories/22165
Added
Reference
http://secunia.com/advisories/22166
Added
Reference
http://secunia.com/advisories/22172
Added
Reference
http://secunia.com/advisories/22186
Added
Reference
http://secunia.com/advisories/22193
Added
Reference
http://secunia.com/advisories/22207
Added
Reference
http://secunia.com/advisories/22212
Added
Reference
http://secunia.com/advisories/22216
Added
Reference
http://secunia.com/advisories/22220
Added
Reference
http://secunia.com/advisories/22240
Added
Reference
http://secunia.com/advisories/22259
Added
Reference
http://secunia.com/advisories/22260
Added
Reference
http://secunia.com/advisories/22284
Added
Reference
http://secunia.com/advisories/22298
Added
Reference
http://secunia.com/advisories/22330
Added
Reference
http://secunia.com/advisories/22385
Added
Reference
http://secunia.com/advisories/22460
Added
Reference
http://secunia.com/advisories/22487
Added
Reference
http://secunia.com/advisories/22500
Added
Reference
http://secunia.com/advisories/22544
Added
Reference
http://secunia.com/advisories/22626
Added
Reference
http://secunia.com/advisories/22671
Added
Reference
http://secunia.com/advisories/22758
Added
Reference
http://secunia.com/advisories/22772
Added
Reference
http://secunia.com/advisories/22799
Added
Reference
http://secunia.com/advisories/23038
Added
Reference
http://secunia.com/advisories/23155
Added
Reference
http://secunia.com/advisories/23280
Added
Reference
http://secunia.com/advisories/23309
Added
Reference
http://secunia.com/advisories/23340
Added
Reference
http://secunia.com/advisories/23351
Added
Reference
http://secunia.com/advisories/23680
Added
Reference
http://secunia.com/advisories/23794
Added
Reference
http://secunia.com/advisories/23915
Added
Reference
http://secunia.com/advisories/24930
Added
Reference
http://secunia.com/advisories/24950
Added
Reference
http://secunia.com/advisories/25889
Added
Reference
http://secunia.com/advisories/26329
Added
Reference
http://secunia.com/advisories/26893
Added
Reference
http://secunia.com/advisories/30124
Added
Reference
http://secunia.com/advisories/31492
Added
Reference
http://secunia.com/advisories/31531
Added
Reference
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
Added
Reference
http://security.gentoo.org/glsa/glsa-200610-11.xml
Added
Reference
http://securitytracker.com/id?1016943
Added
Reference
http://securitytracker.com/id?1017522
Added
Reference
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946
Added
Reference
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
Added
Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
Added
Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
Added
Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1
Added
Reference
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
Added
Reference
http://support.attachmate.com/techdocs/2374.html
Added
Reference
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
Added
Reference
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
Added
Reference
http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf
Added
Reference
http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf
Added
Reference
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html
Added
Reference
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
Added
Reference
http://www.debian.org/security/2006/dsa-1185
Added
Reference
http://www.debian.org/security/2006/dsa-1195
Added
Reference
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
Added
Reference
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
Added
Reference
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
Added
Reference
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
Added
Reference
http://www.novell.com/linux/security/advisories/2006_24_sr.html
Added
Reference
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
Added
Reference
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
Added
Reference
http://www.openssl.org/news/secadv_20060928.txt
Added
Reference
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
Added
Reference
http://www.osvdb.org/29261
Added
Reference
http://www.redhat.com/support/errata/RHSA-2006-0695.html
Added
Reference
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Added
Reference
http://www.securityfocus.com/archive/1/447318/100/0/threaded
Added
Reference
http://www.securityfocus.com/archive/1/447393/100/0/threaded
Added
Reference
http://www.securityfocus.com/archive/1/456546/100/200/threaded
Added
Reference
http://www.securityfocus.com/archive/1/489739/100/0/threaded
Added
Reference
http://www.securityfocus.com/bid/20247
Added
Reference
http://www.securityfocus.com/bid/22083
Added
Reference
http://www.securityfocus.com/bid/28276
Added
Reference
http://www.serv-u.com/releasenotes/
Added
Reference
http://www.trustix.org/errata/2006/0054
Added
Reference
http://www.ubuntu.com/usn/usn-353-1
Added
Reference
http://www.ubuntu.com/usn/usn-353-2
Added
Reference
http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
Added
Reference
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
Added
Reference
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
Added
Reference
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
Added
Reference
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
Added
Reference
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
Added
Reference
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
Added
Reference
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
Added
Reference
http://www.vmware.com/support/player/doc/releasenotes_player.html
Added
Reference
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
Added
Reference
http://www.vmware.com/support/server/doc/releasenotes_server.html
Added
Reference
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
Added
Reference
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
Added
Reference
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Added
Reference
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Added
Reference
http://www.vupen.com/english/advisories/2006/3820
Added
Reference
http://www.vupen.com/english/advisories/2006/3860
Added
Reference
http://www.vupen.com/english/advisories/2006/3869
Added
Reference
http://www.vupen.com/english/advisories/2006/3902
Added
Reference
http://www.vupen.com/english/advisories/2006/3936
Added
Reference
http://www.vupen.com/english/advisories/2006/4019
Added
Reference
http://www.vupen.com/english/advisories/2006/4036
Added
Reference
http://www.vupen.com/english/advisories/2006/4264
Added
Reference
http://www.vupen.com/english/advisories/2006/4327
Added
Reference
http://www.vupen.com/english/advisories/2006/4329
Added
Reference
http://www.vupen.com/english/advisories/2006/4401
Added
Reference
http://www.vupen.com/english/advisories/2006/4417
Added
Reference
http://www.vupen.com/english/advisories/2006/4750
Added
Reference
http://www.vupen.com/english/advisories/2006/4980
Added
Reference
http://www.vupen.com/english/advisories/2007/0343
Added
Reference
http://www.vupen.com/english/advisories/2007/1401
Added
Reference
http://www.vupen.com/english/advisories/2007/2315
Added
Reference
http://www.vupen.com/english/advisories/2007/2783
Added
Reference
http://www.vupen.com/english/advisories/2008/0905/references
Added
Reference
http://www.vupen.com/english/advisories/2008/2396
Added
Reference
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
Added
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230
Added
Reference
https://issues.rpath.com/browse/RPL-1633
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311
Added
Reference
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Added
Reference
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
Added
Reference
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
CVE Modified by Red Hat, Inc. 5/13/2024 9:37:23 PM
Action
Type
Old Value
New Value
CVE Modified by Red Hat, Inc. 10/18/2018 12:44:22 PM
Action
Type
Old Value
New Value
Added
Reference
http://www.securityfocus.com/archive/1/447318/100/0/threaded [No Types Assigned]
Added
Reference
http://www.securityfocus.com/archive/1/447393/100/0/threaded [No Types Assigned]
Added
Reference
http://www.securityfocus.com/archive/1/456546/100/200/threaded [No Types Assigned]
Added
Reference
http://www.securityfocus.com/archive/1/489739/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/447318/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/447393/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/456546/100/200/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded [No Types Assigned]
CVE Modified by Red Hat, Inc. 10/10/2017 9:30:59 PM
Action
Type
Old Value
New Value
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311 [No Types Assigned]
Removed
Reference
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10311 [No Types Assigned]
CVE Modified by Red Hat, Inc. 7/19/2017 9:31:54 PM
Action
Type
Old Value
New Value
Added
Reference
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230 [No Types Assigned]
Removed
Reference
http://xforce.iss.net/xforce/xfdb/29230 [No Types Assigned]
CVE Translated by NIST 10/20/2016 12:45:02 AM
Action
Type
Old Value
New Value
Added
Translation
OpenSSL 0.9.7 en versiones anteriores a 0.9.7l, 0.9.8 en versiones anteriores a 0.9.8d y versiones anteriores permite a atacantes provocar una denegación de servicio (consumo de CPU) a través de claves públicas parasitarias con valores grandes de (1) "exponente público" o (2) "módulo público" en certificados X.509 que requiere tiempo extra de procesamiento cuando utiliza una verificación de firma RSA.
Removed
Translation
OpenSSL 0.9.7 anterior a 0.9.7l, 0.9.8 anterior a 0.9.8d, y versiones anteriores permiten a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante ciertas claves públicas con valores largos (1) "exponentes públicos" o (2) "modulos públicos" en certificados X.509 que requieren tiempo extra para ser procesadas utilizando la firma de verificación.
CVE Modified by Red Hat, Inc. 10/17/2016 11:40:03 PM
Action
Type
Old Value
New Value
Added
Reference
http://marc.info/?l=bind-announce&m=116253119512445&w=2
Removed
Reference
http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445&w=2
Initial CVE Analysis 10/02/2006 7:49:00 AM
Action
Type
Old Value
New Value
Quick Info
CVE Dictionary Entry: CVE-2006-2940 NVD
Published Date: 09/28/2006 NVD
Last Modified: 04/08/2025
Source: Red Hat, Inc.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
