VanDyke Software

Security Advisory

Security Advisory—VShell®, SecureCRT® and SecureFX®

It is theoretically possible for an attacker to forge RSA signatures when the RSA key has a public exponent of three.


Posted: January 18, 2007

Description

According to CERT Vulnerability Note VU#845620, "Many RSA implementations may fail to properly verify signatures. Specifically, the verifier may incorrectly parse PKCS-1 padded signatures, ignoring data at the end of a signature. If this data is ignored and a RSA key with a public exponent of three is used, it may be possible to forge the signing key's signature."

VShell, SecureCRT, and SecureFX no longer generate keys with a public exponent of three. VShell has an option that disallows keys with a public exponent of three from being used for authentication. SecureCRT and SecureFX warn before a key with a public exponent of three is used for authentication or accepted from a host.

Affected Software Versions

SecureCRT version 5.2.1 and earlier
SecureFX version 4.0.1 and earlier
VShell version 2.6.2 and earlier for Windows, Red Hat Linux, HP-UX, AIX, and Solaris.

 

Vulnerability Fix Downloads

VShell 3.0 or later.
SecureCRT 5.2.2 or later.
SecureFX 4.0.2 or later.

 

Technical Support

If you have any questions concerning upgrade eligibility in response to this security advisory, please contact VanDyke Software.
 

Official Postings

US-CERT published an advisory on this vulnerability on 09/21/2006.
 

Revision History

January 18, 2007 - Security Advisory published.