NVD Vulnerability Detail

CVE-2006-2940

Summary	OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
Summary	OpenSSL 0.9.7 en versiones anteriores a 0.9.7l, 0.9.8 en versiones anteriores a 0.9.8d y versiones anteriores permite a atacantes provocar una denegación de servicio (consumo de CPU) a través de claves públicas parasitarias con valores grandes de (1) "exponente público" o (2) "módulo público" en certificados X.509 que requiere tiempo extra de procesamiento cuando utiliza una verificación de firma RSA.
Publication Date	Sept. 29, 2006, 3:07 a.m.
Registration Date	Jan. 29, 2021, 3:39 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : HIGH
Score	7.8
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:C
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:openssl:openssl:0.9.1c:::::::*
cpe:2.3:a:openssl:openssl:0.9.2b:::::::*
cpe:2.3:a:openssl:openssl:0.9.3:::::::*
cpe:2.3:a:openssl:openssl:0.9.3a:::::::*
cpe:2.3:a:openssl:openssl:0.9.4:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.5a:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:::::::*
cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6a:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6b:::::::*
cpe:2.3:a:openssl:openssl:0.9.6c:::::::*
cpe:2.3:a:openssl:openssl:0.9.6d:::::::*
cpe:2.3:a:openssl:openssl:0.9.6e:::::::*
cpe:2.3:a:openssl:openssl:0.9.6f:::::::*
cpe:2.3:a:openssl:openssl:0.9.6g:::::::*
cpe:2.3:a:openssl:openssl:0.9.6h:::::::*
cpe:2.3:a:openssl:openssl:0.9.6i:::::::*
cpe:2.3:a:openssl:openssl:0.9.6j:::::::*
cpe:2.3:a:openssl:openssl:0.9.6k:::::::*
cpe:2.3:a:openssl:openssl:0.9.6l:::::::*
cpe:2.3:a:openssl:openssl:0.9.6m:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:::::::*
cpe:2.3:a:openssl:openssl:0.9.7a:::::::*
cpe:2.3:a:openssl:openssl:0.9.7b:::::::*
cpe:2.3:a:openssl:openssl:0.9.7c:::::::*
cpe:2.3:a:openssl:openssl:0.9.7d:::::::*
cpe:2.3:a:openssl:openssl:0.9.7e:::::::*
cpe:2.3:a:openssl:openssl:0.9.7f:::::::*
cpe:2.3:a:openssl:openssl:0.9.7g:::::::*
cpe:2.3:a:openssl:openssl:0.9.7h:::::::*
cpe:2.3:a:openssl:openssl:0.9.7i:::::::*
cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
cpe:2.3:a:openssl:openssl:0.9.7k:::::::*
cpe:2.3:a:openssl:openssl:0.9.8:::::::*
cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
cpe:2.3:a:openssl:openssl:0.9.8c:::::::*

Related information, measures and tools

No	URL	refsource
1	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc	secalert@redhat.com
2	ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc	secalert@redhat.com
3	http://docs.info.apple.com/article.html?artnum=304829	secalert@redhat.com
4	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771	secalert@redhat.com
5	http://issues.rpath.com/browse/RPL-613	secalert@redhat.com
6	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	secalert@redhat.com
7	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	secalert@redhat.com
8	http://kolab.org/security/kolab-vendor-notice-11.txt	secalert@redhat.com
9	http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html	secalert@redhat.com
10	http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html	secalert@redhat.com
11	http://lists.vmware.com/pipermail/security-announce/2008/000008.html	secalert@redhat.com
12	http://marc.info/?l=bind-announce&m=116253119512445&w=2	secalert@redhat.com
13	http://marc.info/?l=bugtraq&m=130497311408250&w=2	secalert@redhat.com
14	http://openbsd.org/errata.html#openssl2	secalert@redhat.com
15	http://openvpn.net/changelog.html	secalert@redhat.com
16	http://secunia.com/advisories/22094	secalert@redhat.com
17	http://secunia.com/advisories/22116	secalert@redhat.com
18	http://secunia.com/advisories/22130	secalert@redhat.com
19	http://secunia.com/advisories/22165	secalert@redhat.com
20	http://secunia.com/advisories/22166	secalert@redhat.com
21	http://secunia.com/advisories/22172	secalert@redhat.com
22	http://secunia.com/advisories/22186	secalert@redhat.com
23	http://secunia.com/advisories/22193	secalert@redhat.com
24	http://secunia.com/advisories/22207	secalert@redhat.com
25	http://secunia.com/advisories/22212	secalert@redhat.com
26	http://secunia.com/advisories/22216	secalert@redhat.com
27	http://secunia.com/advisories/22220	secalert@redhat.com
28	http://secunia.com/advisories/22240	secalert@redhat.com
29	http://secunia.com/advisories/22259	secalert@redhat.com
30	http://secunia.com/advisories/22260	secalert@redhat.com
31	http://secunia.com/advisories/22284	secalert@redhat.com
32	http://secunia.com/advisories/22298	secalert@redhat.com
33	http://secunia.com/advisories/22330	secalert@redhat.com
34	http://secunia.com/advisories/22385	secalert@redhat.com
35	http://secunia.com/advisories/22460	secalert@redhat.com
36	http://secunia.com/advisories/22487	secalert@redhat.com
37	http://secunia.com/advisories/22500	secalert@redhat.com
38	http://secunia.com/advisories/22544	secalert@redhat.com
39	http://secunia.com/advisories/22626	secalert@redhat.com
40	http://secunia.com/advisories/22671	secalert@redhat.com
41	http://secunia.com/advisories/22758	secalert@redhat.com
42	http://secunia.com/advisories/22772	secalert@redhat.com
43	http://secunia.com/advisories/22799	secalert@redhat.com
44	http://secunia.com/advisories/23038	secalert@redhat.com
45	http://secunia.com/advisories/23155	secalert@redhat.com
46	http://secunia.com/advisories/23280	secalert@redhat.com
47	http://secunia.com/advisories/23309	secalert@redhat.com
48	http://secunia.com/advisories/23340	secalert@redhat.com
49	http://secunia.com/advisories/23351	secalert@redhat.com
50	http://secunia.com/advisories/23680	secalert@redhat.com
51	http://secunia.com/advisories/23794	secalert@redhat.com
52	http://secunia.com/advisories/23915	secalert@redhat.com
53	http://secunia.com/advisories/24930	secalert@redhat.com
54	http://secunia.com/advisories/24950	secalert@redhat.com
55	http://secunia.com/advisories/25889	secalert@redhat.com
56	http://secunia.com/advisories/26329	secalert@redhat.com
57	http://secunia.com/advisories/26893	secalert@redhat.com
58	http://secunia.com/advisories/30124	secalert@redhat.com
59	http://secunia.com/advisories/31492	secalert@redhat.com
60	http://secunia.com/advisories/31531	secalert@redhat.com
61	http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc	secalert@redhat.com
62	http://security.gentoo.org/glsa/glsa-200610-11.xml	secalert@redhat.com
63	http://securitytracker.com/id?1016943	secalert@redhat.com
64	http://securitytracker.com/id?1017522	secalert@redhat.com
65	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946	secalert@redhat.com
66	http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227	secalert@redhat.com
67	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1	secalert@redhat.com
68	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1	secalert@redhat.com
69	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1	secalert@redhat.com
70	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1	secalert@redhat.com
71	http://support.attachmate.com/techdocs/2374.html	secalert@redhat.com
72	http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm	secalert@redhat.com
73	http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm	secalert@redhat.com
74	http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf	secalert@redhat.com
75	http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf	secalert@redhat.com
76	http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html	secalert@redhat.com
77	http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml	secalert@redhat.com
78	http://www.debian.org/security/2006/dsa-1185	secalert@redhat.com
79	http://www.debian.org/security/2006/dsa-1195	secalert@redhat.com
80	http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml	secalert@redhat.com
81	http://www.mandriva.com/security/advisories?name=MDKSA-2006:172	secalert@redhat.com
82	http://www.mandriva.com/security/advisories?name=MDKSA-2006:177	secalert@redhat.com
83	http://www.mandriva.com/security/advisories?name=MDKSA-2006:178	secalert@redhat.com
84	http://www.novell.com/linux/security/advisories/2006_24_sr.html	secalert@redhat.com
85	http://www.novell.com/linux/security/advisories/2006_58_openssl.html	secalert@redhat.com
86	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html	secalert@redhat.com
87	http://www.openssl.org/news/secadv_20060928.txt	secalert@redhat.com
88	http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html	secalert@redhat.com
89	http://www.osvdb.org/29261	secalert@redhat.com
90	http://www.redhat.com/support/errata/RHSA-2006-0695.html	secalert@redhat.com
91	http://www.redhat.com/support/errata/RHSA-2008-0629.html	secalert@redhat.com
92	http://www.securityfocus.com/archive/1/447318/100/0/threaded	secalert@redhat.com
93	http://www.securityfocus.com/archive/1/447393/100/0/threaded	secalert@redhat.com
94	http://www.securityfocus.com/archive/1/456546/100/200/threaded	secalert@redhat.com
95	http://www.securityfocus.com/archive/1/489739/100/0/threaded	secalert@redhat.com
96	http://www.securityfocus.com/bid/20247	secalert@redhat.com
97	http://www.securityfocus.com/bid/22083	secalert@redhat.com
98	http://www.securityfocus.com/bid/28276	secalert@redhat.com
99	http://www.serv-u.com/releasenotes/	secalert@redhat.com
100	http://www.trustix.org/errata/2006/0054	secalert@redhat.com
101	http://www.ubuntu.com/usn/usn-353-1	secalert@redhat.com
102	http://www.ubuntu.com/usn/usn-353-2	secalert@redhat.com
103	http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en	secalert@redhat.com
104	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	secalert@redhat.com
105	http://www.vmware.com/security/advisories/VMSA-2008-0005.html	secalert@redhat.com
106	http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html	secalert@redhat.com
107	http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html	secalert@redhat.com
108	http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html	secalert@redhat.com
109	http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html	secalert@redhat.com
110	http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html	secalert@redhat.com
111	http://www.vmware.com/support/player/doc/releasenotes_player.html	secalert@redhat.com
112	http://www.vmware.com/support/player2/doc/releasenotes_player2.html	secalert@redhat.com
113	http://www.vmware.com/support/server/doc/releasenotes_server.html	secalert@redhat.com
114	http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html	secalert@redhat.com
115	http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html	secalert@redhat.com
116	http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	secalert@redhat.com
117	http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	secalert@redhat.com
118	http://www.vupen.com/english/advisories/2006/3820	secalert@redhat.com
119	http://www.vupen.com/english/advisories/2006/3860	secalert@redhat.com
120	http://www.vupen.com/english/advisories/2006/3869	secalert@redhat.com
121	http://www.vupen.com/english/advisories/2006/3902	secalert@redhat.com
122	http://www.vupen.com/english/advisories/2006/3936	secalert@redhat.com
123	http://www.vupen.com/english/advisories/2006/4019	secalert@redhat.com
124	http://www.vupen.com/english/advisories/2006/4036	secalert@redhat.com
125	http://www.vupen.com/english/advisories/2006/4264	secalert@redhat.com
126	http://www.vupen.com/english/advisories/2006/4327	secalert@redhat.com
127	http://www.vupen.com/english/advisories/2006/4329	secalert@redhat.com
128	http://www.vupen.com/english/advisories/2006/4401	secalert@redhat.com
129	http://www.vupen.com/english/advisories/2006/4417	secalert@redhat.com
130	http://www.vupen.com/english/advisories/2006/4750	secalert@redhat.com
131	http://www.vupen.com/english/advisories/2006/4980	secalert@redhat.com
132	http://www.vupen.com/english/advisories/2007/0343	secalert@redhat.com
133	http://www.vupen.com/english/advisories/2007/1401	secalert@redhat.com
134	http://www.vupen.com/english/advisories/2007/2315	secalert@redhat.com
135	http://www.vupen.com/english/advisories/2007/2783	secalert@redhat.com
136	http://www.vupen.com/english/advisories/2008/0905/references	secalert@redhat.com
137	http://www.vupen.com/english/advisories/2008/2396	secalert@redhat.com
138	http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf	secalert@redhat.com
139	https://exchange.xforce.ibmcloud.com/vulnerabilities/29230	secalert@redhat.com
140	https://issues.rpath.com/browse/RPL-1633	secalert@redhat.com
141	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311	secalert@redhat.com
142	https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144	secalert@redhat.com
143	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc	af854a3a-2127-422b-91ae-364da2661108
144	ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc	af854a3a-2127-422b-91ae-364da2661108
145	http://docs.info.apple.com/article.html?artnum=304829	af854a3a-2127-422b-91ae-364da2661108
146	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771	af854a3a-2127-422b-91ae-364da2661108
147	http://issues.rpath.com/browse/RPL-613	af854a3a-2127-422b-91ae-364da2661108
148	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100	af854a3a-2127-422b-91ae-364da2661108
149	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540	af854a3a-2127-422b-91ae-364da2661108
150	http://kolab.org/security/kolab-vendor-notice-11.txt	af854a3a-2127-422b-91ae-364da2661108
151	http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
152	http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html	af854a3a-2127-422b-91ae-364da2661108
153	http://lists.vmware.com/pipermail/security-announce/2008/000008.html	af854a3a-2127-422b-91ae-364da2661108
154	http://marc.info/?l=bind-announce&m=116253119512445&w=2	af854a3a-2127-422b-91ae-364da2661108
155	http://marc.info/?l=bugtraq&m=130497311408250&w=2	af854a3a-2127-422b-91ae-364da2661108
156	http://openbsd.org/errata.html#openssl2	af854a3a-2127-422b-91ae-364da2661108
157	http://openvpn.net/changelog.html	af854a3a-2127-422b-91ae-364da2661108
158	http://secunia.com/advisories/22094	af854a3a-2127-422b-91ae-364da2661108
159	http://secunia.com/advisories/22116	af854a3a-2127-422b-91ae-364da2661108
160	http://secunia.com/advisories/22130	af854a3a-2127-422b-91ae-364da2661108
161	http://secunia.com/advisories/22165	af854a3a-2127-422b-91ae-364da2661108
162	http://secunia.com/advisories/22166	af854a3a-2127-422b-91ae-364da2661108
163	http://secunia.com/advisories/22172	af854a3a-2127-422b-91ae-364da2661108
164	http://secunia.com/advisories/22186	af854a3a-2127-422b-91ae-364da2661108
165	http://secunia.com/advisories/22193	af854a3a-2127-422b-91ae-364da2661108
166	http://secunia.com/advisories/22207	af854a3a-2127-422b-91ae-364da2661108
167	http://secunia.com/advisories/22212	af854a3a-2127-422b-91ae-364da2661108
168	http://secunia.com/advisories/22216	af854a3a-2127-422b-91ae-364da2661108
169	http://secunia.com/advisories/22220	af854a3a-2127-422b-91ae-364da2661108
170	http://secunia.com/advisories/22240	af854a3a-2127-422b-91ae-364da2661108
171	http://secunia.com/advisories/22259	af854a3a-2127-422b-91ae-364da2661108
172	http://secunia.com/advisories/22260	af854a3a-2127-422b-91ae-364da2661108
173	http://secunia.com/advisories/22284	af854a3a-2127-422b-91ae-364da2661108
174	http://secunia.com/advisories/22298	af854a3a-2127-422b-91ae-364da2661108
175	http://secunia.com/advisories/22330	af854a3a-2127-422b-91ae-364da2661108
176	http://secunia.com/advisories/22385	af854a3a-2127-422b-91ae-364da2661108
177	http://secunia.com/advisories/22460	af854a3a-2127-422b-91ae-364da2661108
178	http://secunia.com/advisories/22487	af854a3a-2127-422b-91ae-364da2661108
179	http://secunia.com/advisories/22500	af854a3a-2127-422b-91ae-364da2661108
180	http://secunia.com/advisories/22544	af854a3a-2127-422b-91ae-364da2661108
181	http://secunia.com/advisories/22626	af854a3a-2127-422b-91ae-364da2661108
182	http://secunia.com/advisories/22671	af854a3a-2127-422b-91ae-364da2661108
183	http://secunia.com/advisories/22758	af854a3a-2127-422b-91ae-364da2661108
184	http://secunia.com/advisories/22772	af854a3a-2127-422b-91ae-364da2661108
185	http://secunia.com/advisories/22799	af854a3a-2127-422b-91ae-364da2661108
186	http://secunia.com/advisories/23038	af854a3a-2127-422b-91ae-364da2661108
187	http://secunia.com/advisories/23155	af854a3a-2127-422b-91ae-364da2661108
188	http://secunia.com/advisories/23280	af854a3a-2127-422b-91ae-364da2661108
189	http://secunia.com/advisories/23309	af854a3a-2127-422b-91ae-364da2661108
190	http://secunia.com/advisories/23340	af854a3a-2127-422b-91ae-364da2661108
191	http://secunia.com/advisories/23351	af854a3a-2127-422b-91ae-364da2661108
192	http://secunia.com/advisories/23680	af854a3a-2127-422b-91ae-364da2661108
193	http://secunia.com/advisories/23794	af854a3a-2127-422b-91ae-364da2661108
194	http://secunia.com/advisories/23915	af854a3a-2127-422b-91ae-364da2661108
195	http://secunia.com/advisories/24930	af854a3a-2127-422b-91ae-364da2661108
196	http://secunia.com/advisories/24950	af854a3a-2127-422b-91ae-364da2661108
197	http://secunia.com/advisories/25889	af854a3a-2127-422b-91ae-364da2661108
198	http://secunia.com/advisories/26329	af854a3a-2127-422b-91ae-364da2661108
199	http://secunia.com/advisories/26893	af854a3a-2127-422b-91ae-364da2661108
200	http://secunia.com/advisories/30124	af854a3a-2127-422b-91ae-364da2661108
201	http://secunia.com/advisories/31492	af854a3a-2127-422b-91ae-364da2661108
202	http://secunia.com/advisories/31531	af854a3a-2127-422b-91ae-364da2661108
203	http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc	af854a3a-2127-422b-91ae-364da2661108
204	http://security.gentoo.org/glsa/glsa-200610-11.xml	af854a3a-2127-422b-91ae-364da2661108
205	http://securitytracker.com/id?1016943	af854a3a-2127-422b-91ae-364da2661108
206	http://securitytracker.com/id?1017522	af854a3a-2127-422b-91ae-364da2661108
207	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946	af854a3a-2127-422b-91ae-364da2661108
208	http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227	af854a3a-2127-422b-91ae-364da2661108
209	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1	af854a3a-2127-422b-91ae-364da2661108
210	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1	af854a3a-2127-422b-91ae-364da2661108
211	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1	af854a3a-2127-422b-91ae-364da2661108
212	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1	af854a3a-2127-422b-91ae-364da2661108
213	http://support.attachmate.com/techdocs/2374.html	af854a3a-2127-422b-91ae-364da2661108
214	http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm	af854a3a-2127-422b-91ae-364da2661108
215	http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm	af854a3a-2127-422b-91ae-364da2661108
216	http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf	af854a3a-2127-422b-91ae-364da2661108
217	http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf	af854a3a-2127-422b-91ae-364da2661108
218	http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html	af854a3a-2127-422b-91ae-364da2661108
219	http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml	af854a3a-2127-422b-91ae-364da2661108
220	http://www.debian.org/security/2006/dsa-1185	af854a3a-2127-422b-91ae-364da2661108
221	http://www.debian.org/security/2006/dsa-1195	af854a3a-2127-422b-91ae-364da2661108
222	http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml	af854a3a-2127-422b-91ae-364da2661108
223	http://www.mandriva.com/security/advisories?name=MDKSA-2006:172	af854a3a-2127-422b-91ae-364da2661108
224	http://www.mandriva.com/security/advisories?name=MDKSA-2006:177	af854a3a-2127-422b-91ae-364da2661108
225	http://www.mandriva.com/security/advisories?name=MDKSA-2006:178	af854a3a-2127-422b-91ae-364da2661108
226	http://www.novell.com/linux/security/advisories/2006_24_sr.html	af854a3a-2127-422b-91ae-364da2661108
227	http://www.novell.com/linux/security/advisories/2006_58_openssl.html	af854a3a-2127-422b-91ae-364da2661108
228	http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html	af854a3a-2127-422b-91ae-364da2661108
229	http://www.openssl.org/news/secadv_20060928.txt	af854a3a-2127-422b-91ae-364da2661108
230	http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html	af854a3a-2127-422b-91ae-364da2661108
231	http://www.osvdb.org/29261	af854a3a-2127-422b-91ae-364da2661108
232	http://www.redhat.com/support/errata/RHSA-2006-0695.html	af854a3a-2127-422b-91ae-364da2661108
233	http://www.redhat.com/support/errata/RHSA-2008-0629.html	af854a3a-2127-422b-91ae-364da2661108
234	http://www.securityfocus.com/archive/1/447318/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
235	http://www.securityfocus.com/archive/1/447393/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
236	http://www.securityfocus.com/archive/1/456546/100/200/threaded	af854a3a-2127-422b-91ae-364da2661108
237	http://www.securityfocus.com/archive/1/489739/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
238	http://www.securityfocus.com/bid/20247	af854a3a-2127-422b-91ae-364da2661108
239	http://www.securityfocus.com/bid/22083	af854a3a-2127-422b-91ae-364da2661108
240	http://www.securityfocus.com/bid/28276	af854a3a-2127-422b-91ae-364da2661108
241	http://www.serv-u.com/releasenotes/	af854a3a-2127-422b-91ae-364da2661108
242	http://www.trustix.org/errata/2006/0054	af854a3a-2127-422b-91ae-364da2661108
243	http://www.ubuntu.com/usn/usn-353-1	af854a3a-2127-422b-91ae-364da2661108
244	http://www.ubuntu.com/usn/usn-353-2	af854a3a-2127-422b-91ae-364da2661108
245	http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en	af854a3a-2127-422b-91ae-364da2661108
246	http://www.us-cert.gov/cas/techalerts/TA06-333A.html	af854a3a-2127-422b-91ae-364da2661108
247	http://www.vmware.com/security/advisories/VMSA-2008-0005.html	af854a3a-2127-422b-91ae-364da2661108
248	http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html	af854a3a-2127-422b-91ae-364da2661108
249	http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html	af854a3a-2127-422b-91ae-364da2661108
250	http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html	af854a3a-2127-422b-91ae-364da2661108
251	http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html	af854a3a-2127-422b-91ae-364da2661108
252	http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html	af854a3a-2127-422b-91ae-364da2661108
253	http://www.vmware.com/support/player/doc/releasenotes_player.html	af854a3a-2127-422b-91ae-364da2661108
254	http://www.vmware.com/support/player2/doc/releasenotes_player2.html	af854a3a-2127-422b-91ae-364da2661108
255	http://www.vmware.com/support/server/doc/releasenotes_server.html	af854a3a-2127-422b-91ae-364da2661108
256	http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html	af854a3a-2127-422b-91ae-364da2661108
257	http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html	af854a3a-2127-422b-91ae-364da2661108
258	http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html	af854a3a-2127-422b-91ae-364da2661108
259	http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html	af854a3a-2127-422b-91ae-364da2661108
260	http://www.vupen.com/english/advisories/2006/3820	af854a3a-2127-422b-91ae-364da2661108
261	http://www.vupen.com/english/advisories/2006/3860	af854a3a-2127-422b-91ae-364da2661108
262	http://www.vupen.com/english/advisories/2006/3869	af854a3a-2127-422b-91ae-364da2661108
263	http://www.vupen.com/english/advisories/2006/3902	af854a3a-2127-422b-91ae-364da2661108
264	http://www.vupen.com/english/advisories/2006/3936	af854a3a-2127-422b-91ae-364da2661108
265	http://www.vupen.com/english/advisories/2006/4019	af854a3a-2127-422b-91ae-364da2661108
266	http://www.vupen.com/english/advisories/2006/4036	af854a3a-2127-422b-91ae-364da2661108
267	http://www.vupen.com/english/advisories/2006/4264	af854a3a-2127-422b-91ae-364da2661108
268	http://www.vupen.com/english/advisories/2006/4327	af854a3a-2127-422b-91ae-364da2661108
269	http://www.vupen.com/english/advisories/2006/4329	af854a3a-2127-422b-91ae-364da2661108
270	http://www.vupen.com/english/advisories/2006/4401	af854a3a-2127-422b-91ae-364da2661108
271	http://www.vupen.com/english/advisories/2006/4417	af854a3a-2127-422b-91ae-364da2661108
272	http://www.vupen.com/english/advisories/2006/4750	af854a3a-2127-422b-91ae-364da2661108
273	http://www.vupen.com/english/advisories/2006/4980	af854a3a-2127-422b-91ae-364da2661108
274	http://www.vupen.com/english/advisories/2007/0343	af854a3a-2127-422b-91ae-364da2661108
275	http://www.vupen.com/english/advisories/2007/1401	af854a3a-2127-422b-91ae-364da2661108
276	http://www.vupen.com/english/advisories/2007/2315	af854a3a-2127-422b-91ae-364da2661108
277	http://www.vupen.com/english/advisories/2007/2783	af854a3a-2127-422b-91ae-364da2661108
278	http://www.vupen.com/english/advisories/2008/0905/references	af854a3a-2127-422b-91ae-364da2661108
279	http://www.vupen.com/english/advisories/2008/2396	af854a3a-2127-422b-91ae-364da2661108
280	http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf	af854a3a-2127-422b-91ae-364da2661108
281	https://exchange.xforce.ibmcloud.com/vulnerabilities/29230	af854a3a-2127-422b-91ae-364da2661108
282	https://issues.rpath.com/browse/RPL-1633	af854a3a-2127-422b-91ae-364da2661108
283	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10311	af854a3a-2127-422b-91ae-364da2661108
284	https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-399	リソース管理の問題	https://cwe.mitre.org/data/definitions/399.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:openssl:openssl:0.9.1c:::::::*
cpe:2.3:a:openssl:openssl:0.9.2b:::::::*
cpe:2.3:a:openssl:openssl:0.9.3:::::::*
cpe:2.3:a:openssl:openssl:0.9.3a:::::::*
cpe:2.3:a:openssl:openssl:0.9.4:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:::::::*
cpe:2.3:a:openssl:openssl:0.9.5:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.5a:::::::*
cpe:2.3:a:openssl:openssl:0.9.5a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.5a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:::::::*
cpe:2.3:a:openssl:openssl:0.9.6:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6a:::::::*
cpe:2.3:a:openssl:openssl:0.9.6a:beta1::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta2::::::
cpe:2.3:a:openssl:openssl:0.9.6a:beta3::::::
cpe:2.3:a:openssl:openssl:0.9.6b:::::::*
cpe:2.3:a:openssl:openssl:0.9.6c:::::::*
cpe:2.3:a:openssl:openssl:0.9.6d:::::::*
cpe:2.3:a:openssl:openssl:0.9.6e:::::::*
cpe:2.3:a:openssl:openssl:0.9.6f:::::::*
cpe:2.3:a:openssl:openssl:0.9.6g:::::::*
cpe:2.3:a:openssl:openssl:0.9.6h:::::::*
cpe:2.3:a:openssl:openssl:0.9.6i:::::::*
cpe:2.3:a:openssl:openssl:0.9.6j:::::::*
cpe:2.3:a:openssl:openssl:0.9.6k:::::::*
cpe:2.3:a:openssl:openssl:0.9.6l:::::::*
cpe:2.3:a:openssl:openssl:0.9.6m:::::::*
cpe:2.3:a:openssl:openssl:0.9.7:::::::*
cpe:2.3:a:openssl:openssl:0.9.7a:::::::*
cpe:2.3:a:openssl:openssl:0.9.7b:::::::*
cpe:2.3:a:openssl:openssl:0.9.7c:::::::*
cpe:2.3:a:openssl:openssl:0.9.7d:::::::*
cpe:2.3:a:openssl:openssl:0.9.7e:::::::*
cpe:2.3:a:openssl:openssl:0.9.7f:::::::*
cpe:2.3:a:openssl:openssl:0.9.7g:::::::*
cpe:2.3:a:openssl:openssl:0.9.7h:::::::*
cpe:2.3:a:openssl:openssl:0.9.7i:::::::*
cpe:2.3:a:openssl:openssl:0.9.7j:::::::*
cpe:2.3:a:openssl:openssl:0.9.7k:::::::*
cpe:2.3:a:openssl:openssl:0.9.8:::::::*
cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
cpe:2.3:a:openssl:openssl:0.9.8c:::::::*