CVE-2006-5484

Name of the Vulnerable Software and Affected Versions SSH Tectia Client/Server/Connector versions 5.1.0 and earlier SSH Tectia Manager versions 2.2.0 and earlier

Description The issue allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by an RSA key with exponent 3. This is due to the removal of PKCS-1 padding before generating a hash, which prevents correct verification of X.509 and other certificates that use PKCS #1.

Recommendations For SSH Tectia Client/Server/Connector versions 5.1.0 and earlier, consider updating to a version that correctly handles PKCS-1 padding. For SSH Tectia Manager versions 2.2.0 and earlier, consider updating to a version that correctly handles PKCS-1 padding. As a temporary workaround, consider restricting the use of RSA keys with exponent 3 until a patch is available.