Anfälligkeitssuche        Suche in 191973 CVE Beschreibungen
und 86218 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.702601
Kategorie:Debian Local Security Checks
Titel:Debian Security Advisory DSA 2601-1 (gnupg, gnupg2 - missing input sanitation)
Zusammenfassung:KB Sriram discovered that GnuPG, the GNU Privacy Guard did not;sufficiently sanitise public keys on import, which could lead to;memory and keyring corruption.;;The problem affects both version 1, in the gnupg package, and;version two, in the gnupg2;package.
Beschreibung:Summary:
KB Sriram discovered that GnuPG, the GNU Privacy Guard did not
sufficiently sanitise public keys on import, which could lead to
memory and keyring corruption.

The problem affects both version 1, in the gnupg package, and
version two, in the gnupg2
package.

Affected Software/OS:
gnupg, gnupg2 on Debian Linux

Solution:
For the stable distribution (squeeze), this problem has been fixed in
version 1.4.10-4+squeeze1 of gnupg and version 2.0.14-2+squeeze1 of
gnupg2.

For the testing distribution (wheezy) and unstable distribution (sid),
this problem has been fixed in version 1.4.12-7 of gnupg and
version 2.0.19-2 of gnupg2.

We recommend that you upgrade your gnupg and/or gnupg2 packages.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-6085
BugTraq ID: 57102
http://www.securityfocus.com/bid/57102
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095513.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095516.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:001
https://bugzilla.redhat.com/show_bug.cgi?id=891142
http://www.openwall.com/lists/oss-security/2013/01/01/6
RedHat Security Advisories: RHSA-2013:1459
http://rhn.redhat.com/errata/RHSA-2013-1459.html
http://www.ubuntu.com/usn/USN-1682-1
XForce ISS Database: gnupg-public-keys-code-exec(80990)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80990
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

Dies ist nur einer von 86218 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.