CVE-2006-2940

CVE-2006-2940 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.

Learn more about our Web Application Penetration Testing UK.