Unrated severityNVD Advisory· Published Oct 24, 2006· Updated Apr 23, 2026

CVE-2006-5484

Description

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.

Affected products

SSH/Tectia Client
cpe:2.3:a:ssh:tectia_client:*:*:*:*:*:*:*:*
Range: <=5.1.0
SSH/Tectia Connector
cpe:2.3:a:ssh:tectia_connector:*:*:*:*:*:*:*:*
Range: <=5.1.0
SSH/Tectia Manager
cpe:2.3:a:ssh:tectia_manager:*:*:*:*:*:*:*:*
Range: <=2.2.0
SSH/Tectia Server
cpe:2.3:a:ssh:tectia_server:*:*:*:*:*:*:*:*
Range: <=5.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22350nvdPatchThird Party Advisory
securitytracker.com/idnvdPatchThird Party AdvisoryVDB Entry
securitytracker.com/idnvdPatchThird Party AdvisoryVDB Entry
www.ssh.com/company/news/2006/english/security/article/786/nvdPatchVendor Advisory
www.kb.cert.org/vuls/id/845620nvdThird Party AdvisoryUS Government Resource
www.vupen.com/english/advisories/2006/4032nvdPermissions Required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000