Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2006 Updated: September 07, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 13, 2006
Affected
AppGate version 7.1.5 and earlier are vulnerable if x509 authentication is used. It is theoretically possible to forge a certificate and thus gain access to the system. A patch will be available from the AppGate support pages.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: January 08, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Apple Security Update 2006-007.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: October 20, 2006
Affected
Attachmate has determined that Reflection for the Web is not vulnerable to CERT issue VU#845620. Attachmate has determined that certain clients in the Reflection product line are vulnerable to CERT issue VU#845620. Attachmate is making patches available. For more information, see Attachmate’s support website at http://support.wrq.com/techdocs/2137.html. Attachmate is still investigating whether the Reflection for Secure IT products (RSIT Server for Windows and RSIT Client and Server for UNIX) are vulnerable to CERT issue VU#845620. Please check the support web site below for the latest information. Attachmate advises that interested parties regularly check Attachmate’s support websites for updates on security related issues: http://support.wrq.com/techdocs/1708.html for Reflection products http://support.wrq.com/techdocs/1704.html for Reflection for the Web http://support.wrq.com/techdocs/1910.html for Reflection for Secure IT products
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 18, 2006
Affected
Avaya is vulnerable to this issue, and our public response is located on the web at http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: January 08, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: November 13, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 18, 2006
Unknown
Although cryptlib shouldn't be vulnerable to the original Bleichenbacher attack, there is ongoing discussion about further attacks that affect any RSA keys with e=3. Because the security community currently doesn't know how serious the problem is, cryptlib users should disable the use of any RSA keys with e=3 by changing the check 'if( BN_get_word( e ) < 3 )' in initCheckRSAkey() in context/kg_rsa.c to 'if( BN_get_word( e ) < 17 )'. Note that this will disable the use of a small number of existing keys that use e=3 (although cryptlib itself will never generate or use private keys with this value), but until the exact nature of the problem is fully understood this is the only safe fix.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 07, 2006
Not Affected
Crypto++ is not vulnerable to this attack. You can add this as a vendor statement for VU#845620.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 03, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.debian.org/security/2006/dsa-1182
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 11, 2006
Affected
F5 products BIG-IP (4.x and 9.x), FirePass, and WANjet are vulnerable. Patches are being made available.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 11, 2006
Affected
All FreeBSD releases prior to FreeBSD 6.2 are affected by this issue. Patches have been released and FreeBSD Security Advisory FreeBSD-SA-06:19.openssl has been issued concerning the problem. http://security.freebsd.org/advisories/FreeBSD-SA-06:19.openssl.asc
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 04, 2006
Not Affected
F-Secure antivirus products are not vulnerable. The list of non-vulnerable products includes F-Secure Anti-Virus, F-Secure Internet Security, F-Secure Client Security, F-Secure Server Security, F-Secure Mobile Security, F-Secure Messaging Security Gateway, F-Secure Network Control, and all other products in F-Secure small business and corporate suites, also listed at http://www.f-secure.com/enterprises/products/. F-Secure VPN+ versions up to version 6.12 are vulnerable in installations that use PKI CA issued certificates, which use third-party generated keys. The RSA key generator in F-Secure products has never allowed the generation of RSA keys with a public exponent of 3. This means that keys created with F-Secure tools cannot be used to mount an attack against F-Secure products or other systems. The F-Secure SSH product line is exclusively distributed by Attachmate under the Reflection for Secure IT brand. Please see the vendor statement from Attachmate for more information.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 03, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.gentoo.org/security/en/glsa/glsa-200609-15.xml
Notified: September 08, 2006 Updated: September 18, 2006
Not Affected
Global Technology Associates, Inc. has examined this issue and is pleased to report this issue does not impact any versions (current and past) of the GTA firewall products. To report potential security vulnerabilities in GTA products, send an E-mail message to: security-alert@gta.com.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 20, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001205.html An updated patch is available at http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001212.html
Notified: September 08, 2006 Updated: November 13, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00794048&jumpid=reg_R1002_USEN
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: October 20, 2006
Affected
Current versions of IAIK-JCE (3.142) and IAIK-JCE ME (3.04) are not vulnerable. IAIK-JCE versions 3.14 and earlier and IAIK-JCE ME versions 3.03 and earlier are vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: January 08, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to IBM Security Annoucement 3117.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: January 19, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to 200611030511.kA35BviX044435.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 21, 2006
Affected
Intoto engineering team has analyzed the PKCS-1 signature padding vulnerability documented in this CERT vulnerability note, and found that its VPN and SSLVPN products are affected. Patch is available for fixing this potential vulnerability in Intoto products. Please contact Intoto at support@intoto.com to get the patch.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: January 08, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to PSN-2006-10-002.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: October 04, 2006
Not Affected
IBM Lotus software products are not affected by this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 03, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.mandriva.com/security/advisories?name=MDKSA-2006:166
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 19, 2006
Affected
Mozilla has fixed the RSA vulnerability described in VU#845620 and has released an advisory covering several affected products (http://www.mozilla.org/security/announce/2006/mfsa2006-60.html).
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 26, 2006 Updated: September 28, 2006
Not Affected
...we can confirm that none of nCipher's hardware security modules are vulnerable to this attack.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 07, 2006 Updated: September 07, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: November 13, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.029-bind.html
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: September 06, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.openssl.org/news/secadv_20060905.txt.
Notified: September 08, 2006 Updated: September 11, 2006
Affected
We have applied a fix for this issue to the OpenSSL package in Owl-current as of 2006/09/06 and Owl 2.0-stable as of 2006/09/09.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 19, 2006 Updated: September 21, 2006
Affected
Refer to http://www.opera.com/support/search/supsearch.dml?index=845.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: January 17, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html.
Notified: September 12, 2006 Updated: September 13, 2006
Not Affected
PGP Corporation's products are not affected by this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 11, 2006
Not Affected
I do not believe that any program in the PuTTY suite is, or has ever been, vulnerable to this attack. The RSA verification code is in the function rsa2_verifysig() in our source file sshrsa.c, and a quick inspection shows clearly that it rigorously enforces that the ASN.1 data and hash value must be at the very bottom of the PKCS#1 padded integer. For good measure, our RSA key generator does not, and has never, generated keys with an exponent of 3. (This has nothing to do with whether we're vulnerable to the attack itself, of course, but it does mean we are also not generating keys which can be abused to mount the attack against other systems.)
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 03, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: October 03, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to https://rhn.redhat.com/errata/RHSA-2006-0680.html
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: October 04, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to https://issues.rpath.com/browse/RPL-640.
Notified: September 06, 2006 Updated: January 08, 2007
Affected
RSA BSAFE SSL-C software has been examined and confirmed to be susceptible to this vulnerability; customers should upgrade to RSA BSAFE SSL-C 2.7.1 which includes remediation for this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: November 13, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://slackware.com/changelog/i386/ChangeLog-stable.txt
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: November 13, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.ssh.com/documents/33/SSH_Tectia_Server_5.1.1_releasenotes.txt, http://www.ssh.com/documents/33/SSH_Tectia_Manager_2.2.1_releasenotes.txt, http://www.ssh.com/documents/33/SSH_Tectia_Server_zOS_5.2.1_releasenotes.txt, and http://www.ssh.com/documents/33/SSH_Tectia_Client_5.1.1_releasenotes.txt
Notified: September 06, 2006 Updated: September 06, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 06, 2006 Updated: October 04, 2006
Affected
Refer to http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1&searchclaus
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 29, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to http://www.novell.com/linux/security/advisories/2006_55_ssl.html.
Updated: January 08, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Sybase Alert 1047991.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 25, 2006
Affected
In Ubuntu, three RSA implementations are affected: OpenSSL, which we fixed in http://www.ubuntu.com/usn/usn-339-1 GnuTLS, which we fixed in http://www.ubuntu.com/usn/usn-348-1 libnss3 from the Mozilla products; Ubuntu 6.06 is already fully fixed (USN-351-1 and USN-352-1), updates are in progress for older stable releases (USN-350-1, for example).
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: January 22, 2007
Affected
The following VanDyke Software products are affected by VU#845620: - SecureCRT version 5.2.1 and earlier - SecureFX version 4.0.1 and earlier - VShell version 2.6.2 and earlier for Windows, RedHat Linux, HP-UX, AIX, and Solaris. Product updates which address this vulnerability are available. For more information, please visit: http://www.vandyke.com/support/advisory/2007/01/845620.html
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 11, 2006 Updated: September 11, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: January 19, 2007
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
VMware has published advisories 9986131, 3069097, 254-200612, 253-200612, 213-200612, and 202-200612 in response to this issue. Please refer to those advisories for additional details.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: September 08, 2006 Updated: September 08, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.