CVE-2006-5201 : Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Up

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.

Published 2006-10-10 04:06:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-5201

SUN » Sunos » Version: 5.8
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9.0 For Sparc
cpe:2.3:o:sun:solaris:9.0:*:*:*:*:sparc:*:*
Matching versions
SUN » Solaris » Version: 10.0 For Sparc
cpe:2.3:o:sun:solaris:10.0:*:*:*:*:sparc:*:*
Matching versions
SUN » Staroffice
cpe:2.3:a:sun:staroffice:*:*:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update6
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0
cpe:2.3:a:sun:jdk:1.5.0:-:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update1
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update3
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update2
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update4
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update5
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update7
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update7 B03
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
Matching versions
SUN » JDK » Version: 1.5.0 Update Update8
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 6
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 7
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update4
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update5
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 2
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 3
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update1
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 1
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 10
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 8
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 9
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 4
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 5
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update2
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update3
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 12
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2 11
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update6
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0
cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.4.2
cpe:2.3:a:sun:jre:1.4.2:-:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update8
cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1
cpe:2.3:a:sun:jre:1.3.1:-:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 03
cpe:2.3:a:sun:jre:1.3.1_03:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 10
cpe:2.3:a:sun:jre:1.3.1_10:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 12
cpe:2.3:a:sun:jre:1.3.1_12:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 17
cpe:2.3:a:sun:jre:1.3.1_17:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 19
cpe:2.3:a:sun:jre:1.3.1_19:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 05
cpe:2.3:a:sun:jre:1.3.1_05:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 06
cpe:2.3:a:sun:jre:1.3.1_06:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 07
cpe:2.3:a:sun:jre:1.3.1_07:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 08
cpe:2.3:a:sun:jre:1.3.1_08:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 13
cpe:2.3:a:sun:jre:1.3.1_13:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 14
cpe:2.3:a:sun:jre:1.3.1_14:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 15
cpe:2.3:a:sun:jre:1.3.1_15:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 16
cpe:2.3:a:sun:jre:1.3.1_16:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.5.0 Update Update7
cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 2
cpe:2.3:a:sun:jre:1.3.1_2:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 04
cpe:2.3:a:sun:jre:1.3.1_04:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 09
cpe:2.3:a:sun:jre:1.3.1_09:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 11
cpe:2.3:a:sun:jre:1.3.1_11:*:*:*:*:*:*:*
Matching versions
SUN » JRE » Version: 1.3.1 18
cpe:2.3:a:sun:jre:1.3.1_18:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 01
cpe:2.3:a:sun:sdk:1.3.1_01:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 01a
cpe:2.3:a:sun:sdk:1.3.1_01a:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2
cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 9
cpe:2.3:a:sun:sdk:1.4.2_9:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 3
cpe:2.3:a:sun:sdk:1.4.2_3:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 8
cpe:2.3:a:sun:sdk:1.4.2_8:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 1
cpe:2.3:a:sun:sdk:1.4.2_1:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 2
cpe:2.3:a:sun:sdk:1.4.2_2:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 5
cpe:2.3:a:sun:sdk:1.4.2_5:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 6
cpe:2.3:a:sun:sdk:1.4.2_6:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 7
cpe:2.3:a:sun:sdk:1.4.2_7:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 4
cpe:2.3:a:sun:sdk:1.4.2_4:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 02
cpe:2.3:a:sun:sdk:1.3.1_02:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 07
cpe:2.3:a:sun:sdk:1.3.1_07:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 09
cpe:2.3:a:sun:sdk:1.3.1_09:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 11
cpe:2.3:a:sun:sdk:1.3.1_11:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 16
cpe:2.3:a:sun:sdk:1.3.1_16:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 18
cpe:2.3:a:sun:sdk:1.3.1_18:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 03
cpe:2.3:a:sun:sdk:1.3.1_03:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 04
cpe:2.3:a:sun:sdk:1.3.1_04:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 05
cpe:2.3:a:sun:sdk:1.3.1_05:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 06
cpe:2.3:a:sun:sdk:1.3.1_06:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 10
cpe:2.3:a:sun:sdk:1.4.2_10:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 11
cpe:2.3:a:sun:sdk:1.4.2_11:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.4.2 12
cpe:2.3:a:sun:sdk:1.4.2_12:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 12
cpe:2.3:a:sun:sdk:1.3.1_12:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 13
cpe:2.3:a:sun:sdk:1.3.1_13:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 14
cpe:2.3:a:sun:sdk:1.3.1_14:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 15
cpe:2.3:a:sun:sdk:1.3.1_15:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1
cpe:2.3:a:sun:sdk:1.3.1:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 08
cpe:2.3:a:sun:sdk:1.3.1_08:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 10
cpe:2.3:a:sun:sdk:1.3.1_10:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 17
cpe:2.3:a:sun:sdk:1.3.1_17:*:*:*:*:*:*:*
Matching versions
SUN » SDK » Version: 1.3.1 19
cpe:2.3:a:sun:sdk:1.3.1_19:*:*:*:*:*:*:*
Matching versions
SUN » Jsse » Version: 1.0.3
cpe:2.3:a:sun:jsse:1.0.3:*:*:*:*:*:*:*
Matching versions
SUN » Jsse » Version: 1.0.3 02
cpe:2.3:a:sun:jsse:1.0.3_02:*:*:*:*:*:*:*
Matching versions
SUN » Jsse » Version: 1.0.3 01
cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*
Matching versions
SUN » Jsse » Version: 1.0.3 03
cpe:2.3:a:sun:jsse:1.0.3_03:*:*:*:*:*:*:*
Matching versions
SUN » Secure Global Desktop
cpe:2.3:a:sun:secure_global_desktop:*:*:*:*:*:*:*:*
Matching versions
SUN » NSS
cpe:2.3:a:sun:nss:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2006-5201

Top countries where our scanners detected CVE-2006-5201

Top open port discovered on systems with this issue 554

IPs affected by CVE-2006-5201 2

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2006-5201!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2006-5201

EPSS FAQ

3.82%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-5201

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:N/AC:H/Au:N/C:N/I:P/A:P	4.9	4.9	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-5201

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1

Broken Link

CVEs referencing this url
http://secunia.com/advisories/22992

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.kb.cert.org/vuls/id/845620

VU#845620 - Multiple RSA implementations fail to properly handle signatures
Third Party Advisory;US Government Resource

CVEs referencing this url
http://www.vupen.com/english/advisories/2006/3960

Site en construction
Permissions Required
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm

ASA-2006-250 (SUN 102606, 102636, 102640, 102648, 102651, 102652, 102655, 102657)
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/22325

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1

Broken Link

CVEs referencing this url
http://secunia.com/advisories/22226

About Secunia Research | Flexera
Third Party Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2006/3899

Site en construction
Permissions Required

CVEs referencing this url
http://secunia.com/advisories/22204

About Secunia Research | Flexera
Patch;Third Party Advisory
http://www.vupen.com/english/advisories/2006/3898

Site en construction
Permissions Required

Jump to

Vulnerability Details : CVE-2006-5201

Products affected by CVE-2006-5201

Threat overview for CVE-2006-5201

Exploit prediction scoring system (EPSS) score for CVE-2006-5201

CVSS scores for CVE-2006-5201

References for CVE-2006-5201