Vulnerability Note VU#423396

X.509 certificate verification may be vulnerable to resource exhaustion

Original Release date: 28 Sep 2006 | Last revised: 09 Feb 2007


Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service.


Included in X.509 certificates are public keys used for digital signature verification. Choosing very large values for the public exponent and public modulus associated with an RSA public key may cause the verification of that key to require large amounts of system resources. According to NISCC: choosing much larger values for [the public exponent and the public modulus], it may be possible to cause the verification process to consume large amounts of system resources and hence result in a denial-of-service condition.

This vulnerability can be triggered by sending a message signed using specially crafted RSA keys to affected products. A number of different products that verify RSA signatures may be vulnerable to this issue. Please see the Systems Affected section of this document for specific product information.


A remote, unauthenticated attacker could consume large amounts of system resources on an affected device, thereby creating a denial of service.


Upgrade or apply a patch from the vendor
Patches have been released to address this issue. See the systems affected section of this document for information about specific vendors.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Apple Computer, Inc.Affected-04 Dec 2006
Avaya, Inc.Affected-10 Nov 2006
Cisco Systems, Inc.Affected-13 Nov 2006
Debian GNU/LinuxAffected-02 Oct 2006
FreeBSD, Inc.Affected-28 Sep 2006
Gentoo LinuxAffected-19 Jan 2007
GnuTLSAffected-28 Sep 2006
Hewlett-Packard CompanyAffected-19 Jan 2007
Mandriva, Inc.Affected-02 Oct 2006
OpenBSDAffected-23 Oct 2006
OpenPKGAffected-02 Oct 2006
OpenSSLAffected-28 Sep 2006
Oracle CorporationAffected-17 Jan 2007
Red Hat, Inc.Affected-02 Oct 2006
rPathAffected-06 Oct 2006
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



NISCC credits Dr. Stephen N. Henson for reporting this vulnerability. This issue was originally reported in GnuTLS by Patrik Hornik.

This document was written by Chris Taschner.

Other Information

  • CVE IDs: CVE-2006-2940
  • Date Public: 02 Aug 2004
  • Date First Published: 28 Sep 2006
  • Date Last Updated: 09 Feb 2007
  • Severity Metric: 7.92
  • Document Revision: 62


If you have feedback, comments, or additional information about this vulnerability, please send us email.