Test Kennung:	1.3.6.1.4.1.25623.1.0.56261
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: gnupg
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: gnupg CVE-2006-0455 gpgv in GnuPG 1.4.x before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the sigbnature verification has succeeded. Note: this also occurs when running the equivalent command 'gpg --verify'. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0455 16663 http://www.securityfocus.com/bid/16663 18845 http://secunia.com/advisories/18845 18933 http://secunia.com/advisories/18933 18934 http://secunia.com/advisories/18934 18942 http://secunia.com/advisories/18942 18955 http://secunia.com/advisories/18955 18956 http://secunia.com/advisories/18956 18968 http://secunia.com/advisories/18968 19130 http://secunia.com/advisories/19130 19249 http://secunia.com/advisories/19249 19532 http://secunia.com/advisories/19532 2006-0008 http://www.trustix.org/errata/2006/0008 20060215 False positive signature verification in GnuPG http://www.securityfocus.com/archive/1/425289/100/0/threaded 20060401-01-U ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U 23221 http://www.osvdb.org/23221 ADV-2006-0610 http://www.vupen.com/english/advisories/2006/0610 DSA-978 http://www.us.debian.org/security/2006/dsa-978 FEDORA-2006-116 http://fedoranews.org/updates/FEDORA-2006-116.shtml FLSA-2006:185355 http://www.securityfocus.com/archive/1/433931/100/0/threaded GLSA-200602-10 http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml MDKSA-2006:043 http://www.mandriva.com/security/advisories?name=MDKSA-2006:043 OpenPKG-SA-2006.001 http://www.openpkg.org/security/OpenPKG-SA-2006.001-gnupg.html RHSA-2006:0266 http://www.redhat.com/support/errata/RHSA-2006-0266.html SSA:2006-072-02 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.476477 SUSE-SA:2006:009 http://www.novell.com/linux/security/advisories/2006_09_gpg.html SUSE-SA:2006:013 http://www.novell.com/linux/security/advisories/2006_13_gpg.html SUSE-SR:2006:005 http://www.novell.com/linux/security/advisories/2006_05_sr.html USN-252-1 http://www.ubuntu.com/usn/usn-252-1 [gnupg-announce] 20060215 False positive signature verification in GnuPG http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html [gnupg-devel] 20060215 [Announce] False positive signature verification in GnuPG http://marc.info/?l=gnupg-devel&m=113999098729114&w=2 gnupg-gpgv-improper-verification(24744) https://exchange.xforce.ibmcloud.com/vulnerabilities/24744 oval:org.mitre.oval:def:10084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10084
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.