Intoto Information for VU#845620

Multiple RSA implementations fail to properly handle signatures



Vendor Statement

Intoto engineering team has analyzed the PKCS-1 signature padding vulnerability documented in this CERT vulnerability note, and found that its VPN and SSLVPN products are affected. Patch is available for fixing this potential vulnerability in Intoto products. Please contact Intoto at to get the patch.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.