anonhaven

CVE-2006-2940

NONE EPSS 2.91%
Обновлено 23 апреля 2026
OpenSSL
Параметр Значение
Тип уязвимости CWE-399 (Ошибки управления ресурсами)
Поставщик OpenSSL
Публичный эксплойт Нет

OpenSSL 0.9.7 до 0.9.7l, 0.9.8 до 0.9.8d и более ранние версии позволяют злоумышленникам вызывать отказ в обслуживании (потребление ЦП) с помощью паразитных открытых ключей с большими (1) значениями «открытого показателя» или (2) «открытого модуля» в сертификатах X.509, которые требуют дополнительного времени для обработки при использовании проверки подписи RSA.

Показать оригинальное описание (EN)

OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.

Тип уязвимости (CWE)

CWE-399 Resource Management Errors (Ошибки управления ресурсами)

Уязвимые продукты 47

Конфигурация От (включительно) До (исключительно)
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
Openssl Openssl
cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

Ссылки 142

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc
secalert@redhat.com
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
secalert@redhat.com
http://docs.info.apple.com/article.html?artnum=304829
secalert@redhat.com
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771
secalert@redhat.com
http://issues.rpath.com/browse/RPL-613
secalert@redhat.com
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100
secalert@redhat.com
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540
secalert@redhat.com
http://kolab.org/security/kolab-vendor-notice-11.txt
secalert@redhat.com
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
secalert@redhat.com
http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html
secalert@redhat.com
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
secalert@redhat.com
http://marc.info/?l=bind-announce&m=116253119512445&w=2
secalert@redhat.com
http://marc.info/?l=bugtraq&m=130497311408250&w=2
secalert@redhat.com
http://openbsd.org/errata.html#openssl2
secalert@redhat.com
http://openvpn.net/changelog.html
secalert@redhat.com
http://secunia.com/advisories/22094
secalert@redhat.com
http://secunia.com/advisories/22116
secalert@redhat.com
http://secunia.com/advisories/22130
secalert@redhat.com
http://secunia.com/advisories/22165
secalert@redhat.com
http://secunia.com/advisories/22166
secalert@redhat.com
http://secunia.com/advisories/22172
secalert@redhat.com
http://secunia.com/advisories/22186
secalert@redhat.com
http://secunia.com/advisories/22193
secalert@redhat.com
http://secunia.com/advisories/22207
secalert@redhat.com
http://secunia.com/advisories/22212
secalert@redhat.com
http://secunia.com/advisories/22216
secalert@redhat.com
http://secunia.com/advisories/22220
secalert@redhat.com
http://secunia.com/advisories/22240
secalert@redhat.com
http://secunia.com/advisories/22259
secalert@redhat.com
http://secunia.com/advisories/22260
secalert@redhat.com
http://secunia.com/advisories/22284
secalert@redhat.com
http://secunia.com/advisories/22298
secalert@redhat.com
http://secunia.com/advisories/22330
secalert@redhat.com
http://secunia.com/advisories/22385
secalert@redhat.com
http://secunia.com/advisories/22460
secalert@redhat.com
http://secunia.com/advisories/22487
secalert@redhat.com
http://secunia.com/advisories/22500
secalert@redhat.com
http://secunia.com/advisories/22544
secalert@redhat.com
http://secunia.com/advisories/22626
secalert@redhat.com
http://secunia.com/advisories/22671
secalert@redhat.com
http://secunia.com/advisories/22758
secalert@redhat.com
http://secunia.com/advisories/22772
secalert@redhat.com
http://secunia.com/advisories/22799
secalert@redhat.com
http://secunia.com/advisories/23038
secalert@redhat.com
http://secunia.com/advisories/23155
secalert@redhat.com
http://secunia.com/advisories/23280
secalert@redhat.com
http://secunia.com/advisories/23309
secalert@redhat.com
http://secunia.com/advisories/23340
secalert@redhat.com
http://secunia.com/advisories/23351
secalert@redhat.com
http://secunia.com/advisories/23680
secalert@redhat.com
http://secunia.com/advisories/23794
secalert@redhat.com
http://secunia.com/advisories/23915
secalert@redhat.com
http://secunia.com/advisories/24930
secalert@redhat.com
http://secunia.com/advisories/24950
secalert@redhat.com
http://secunia.com/advisories/25889
secalert@redhat.com
http://secunia.com/advisories/26329
secalert@redhat.com
http://secunia.com/advisories/26893
secalert@redhat.com
http://secunia.com/advisories/30124
secalert@redhat.com
http://secunia.com/advisories/31492
secalert@redhat.com
http://secunia.com/advisories/31531
secalert@redhat.com
http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc
secalert@redhat.com
http://security.gentoo.org/glsa/glsa-200610-11.xml
secalert@redhat.com
http://securitytracker.com/id?1016943
secalert@redhat.com
http://securitytracker.com/id?1017522
secalert@redhat.com
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackwar…
secalert@redhat.com
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1
secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1
secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1
secalert@redhat.com
http://support.attachmate.com/techdocs/2374.html
secalert@redhat.com
http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm
secalert@redhat.com
http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm
secalert@redhat.com
http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf
secalert@redhat.com
http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf
secalert@redhat.com
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_re…
secalert@redhat.com
http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
secalert@redhat.com
http://www.debian.org/security/2006/dsa-1185
secalert@redhat.com
http://www.debian.org/security/2006/dsa-1195
secalert@redhat.com
http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2006:172
secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2006:177
secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDKSA-2006:178
secalert@redhat.com
http://www.novell.com/linux/security/advisories/2006_24_sr.html
secalert@redhat.com
http://www.novell.com/linux/security/advisories/2006_58_openssl.html
secalert@redhat.com
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html
secalert@redhat.com
http://www.openssl.org/news/secadv_20060928.txt
secalert@redhat.com
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
secalert@redhat.com
http://www.osvdb.org/29261
secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2006-0695.html
secalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2008-0629.html
secalert@redhat.com
http://www.securityfocus.com/archive/1/447318/100/0/threaded
secalert@redhat.com
http://www.securityfocus.com/archive/1/447393/100/0/threaded
secalert@redhat.com
http://www.securityfocus.com/archive/1/456546/100/200/threaded
secalert@redhat.com
http://www.securityfocus.com/archive/1/489739/100/0/threaded
secalert@redhat.com
http://www.securityfocus.com/bid/20247
secalert@redhat.com
http://www.securityfocus.com/bid/22083
secalert@redhat.com
http://www.securityfocus.com/bid/28276
secalert@redhat.com
http://www.serv-u.com/releasenotes/
secalert@redhat.com
http://www.trustix.org/errata/2006/0054
secalert@redhat.com
http://www.ubuntu.com/usn/usn-353-1
secalert@redhat.com
http://www.ubuntu.com/usn/usn-353-2
secalert@redhat.com
http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en
secalert@redhat.com
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
secalert@redhat.com
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
secalert@redhat.com
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
secalert@redhat.com
http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
secalert@redhat.com
http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
secalert@redhat.com
http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
secalert@redhat.com
http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
secalert@redhat.com
http://www.vmware.com/support/player/doc/releasenotes_player.html
secalert@redhat.com
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
secalert@redhat.com
http://www.vmware.com/support/server/doc/releasenotes_server.html
secalert@redhat.com
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
secalert@redhat.com
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
secalert@redhat.com
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
secalert@redhat.com
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/3820
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/3860
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/3869
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/3902
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/3936
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4019
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4036
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4264
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4327
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4329
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4401
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4417
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4750
secalert@redhat.com
http://www.vupen.com/english/advisories/2006/4980
secalert@redhat.com
http://www.vupen.com/english/advisories/2007/0343
secalert@redhat.com
http://www.vupen.com/english/advisories/2007/1401
secalert@redhat.com
http://www.vupen.com/english/advisories/2007/2315
secalert@redhat.com
http://www.vupen.com/english/advisories/2007/2783
secalert@redhat.com
http://www.vupen.com/english/advisories/2008/0905/references
secalert@redhat.com
http://www.vupen.com/english/advisories/2008/2396
secalert@redhat.com
http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf
secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/29230
secalert@redhat.com
https://issues.rpath.com/browse/RPL-1633
secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%…
secalert@redhat.com
https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
secalert@redhat.com
Share Post Share Share Share

Связанные уязвимости

CVE-2025-15467

OpenSSL

8,8

CVE-2025-11187

OpenSSL

6,1

CVE-2021-3712

McAfee

7,4

CVE-2021-23840

McAfee

7,5

CVE-2020-1968

Oracle

3,7