Test Kennung:	1.3.6.1.4.1.25623.1.0.56493
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2006:043 (gnupg)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to gnupg announced via advisory MDKSA-2006:043. Tavis Ormandy discovered it is possible to make gpg incorrectly return success when verifying an invalid signature file. The updated packages have been patched to address this issue. Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:043 Risk factor : Medium CVSS Score: 4.6
Querverweis:	BugTraq ID: 16663 Common Vulnerability Exposure (CVE) ID: CVE-2006-0455 16663 http://www.securityfocus.com/bid/16663 18845 http://secunia.com/advisories/18845 18933 http://secunia.com/advisories/18933 18934 http://secunia.com/advisories/18934 18942 http://secunia.com/advisories/18942 18955 http://secunia.com/advisories/18955 18956 http://secunia.com/advisories/18956 18968 http://secunia.com/advisories/18968 19130 http://secunia.com/advisories/19130 19249 http://secunia.com/advisories/19249 19532 http://secunia.com/advisories/19532 2006-0008 http://www.trustix.org/errata/2006/0008 20060215 False positive signature verification in GnuPG http://www.securityfocus.com/archive/1/425289/100/0/threaded 20060401-01-U ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U 23221 http://www.osvdb.org/23221 ADV-2006-0610 http://www.vupen.com/english/advisories/2006/0610 DSA-978 http://www.us.debian.org/security/2006/dsa-978 FEDORA-2006-116 http://fedoranews.org/updates/FEDORA-2006-116.shtml FLSA-2006:185355 http://www.securityfocus.com/archive/1/433931/100/0/threaded GLSA-200602-10 http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml MDKSA-2006:043 http://www.mandriva.com/security/advisories?name=MDKSA-2006:043 OpenPKG-SA-2006.001 http://www.openpkg.org/security/OpenPKG-SA-2006.001-gnupg.html RHSA-2006:0266 http://www.redhat.com/support/errata/RHSA-2006-0266.html SSA:2006-072-02 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.476477 SUSE-SA:2006:009 http://www.novell.com/linux/security/advisories/2006_09_gpg.html SUSE-SA:2006:013 http://www.novell.com/linux/security/advisories/2006_13_gpg.html SUSE-SR:2006:005 http://www.novell.com/linux/security/advisories/2006_05_sr.html USN-252-1 http://www.ubuntu.com/usn/usn-252-1 [gnupg-announce] 20060215 False positive signature verification in GnuPG http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html [gnupg-devel] 20060215 [Announce] False positive signature verification in GnuPG http://marc.info/?l=gnupg-devel&m=113999098729114&w=2 gnupg-gpgv-improper-verification(24744) https://exchange.xforce.ibmcloud.com/vulnerabilities/24744 oval:org.mitre.oval:def:10084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10084
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.