GNUTLS PKCS RSA Signature Forgery Vulnerability

GNUTLS PKCS RSA Signature Forgery Vulnerability

GnuTLS is prone to a vulnerability that may allow an attacker to forge an RSA signature. The attacker may be able to forge a PKCS #1 v1.5 signature when verifying a X.509 certificate.

An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key.

This vulnerability is a variant of the issue discussed in BID 19849 (OpenSSL PKCS Padding RSA Signature Forgery Vulnerability) and affects GnuTLS versions prior to version 1.4.3.