Intoto Information for VU#845620
Multiple RSA implementations fail to properly handle signatures
- Vendor Information Help Date Notified: 08 Sep 2006
- Statement Date:
- Date Updated: 21 Sep 2006
Intoto engineering team has analyzed the PKCS-1 signature padding vulnerability documented in this CERT vulnerability note, and found that its VPN and SSLVPN products are affected. Patch is available for fixing this potential vulnerability in Intoto products. Please contact Intoto at firstname.lastname@example.org to get the patch.
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.