Vulnerability Note VU#754281
RSA BSAFE libraries denial of service vulnerability
The RSA BSAFE Crypto-C and Cert-C libraries contain a denial-of-service vulnerability.
RSA BSAFE products include software libraries that developers can use to implement cryptography in their applications.
The RSA BSAFE Crypto-C and Cert-C libraries contain a denial-of-service vulnerability. Note that these libraries may be used in third-party applications that are not distributed by RSA.
A remote, unauthenticated attacker may be able to create a denial-of-service condition.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems, Inc.||Affected||30 Nov 2006||22 May 2007|
|EMC, Inc. (formerly Data General Corporation)||Affected||07 Dec 2006||22 May 2007|
|Novell, Inc.||Affected||07 Dec 2006||22 May 2007|
|RSA Security, Inc.||Affected||01 Dec 2006||22 May 2007|
|Foundry Networks, Inc.||Not Affected||07 Dec 2006||19 Dec 2007|
|Hitachi||Not Affected||07 Dec 2006||24 May 2007|
|McAfee||Not Affected||21 May 2007||23 May 2007|
|Microsoft Corporation||Not Affected||07 Dec 2006||22 May 2007|
|Nortel Networks, Inc.||Not Affected||07 Dec 2006||23 May 2007|
|TippingPoint, Technologies, Inc.||Not Affected||21 May 2007||22 May 2007|
|3com, Inc.||Unknown||07 Dec 2006||07 Dec 2006|
|Alcatel||Unknown||07 Dec 2006||07 Dec 2006|
|Apple Computer, Inc.||Unknown||07 Dec 2006||07 Dec 2006|
|AT&T||Unknown||07 Dec 2006||07 Dec 2006|
|Avaya, Inc.||Unknown||07 Dec 2006||07 Dec 2006|
CVSS Metrics (Learn More)
Thanks to Cisco Systems for reporting this vulnerability.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2006-3894
- Date Public: 22 May 2007
- Date First Published: 22 May 2007
- Date Last Updated: 19 Dec 2007
- Severity Metric: 0.13
- Document Revision: 17
If you have feedback, comments, or additional information about this vulnerability, please send us email.