FreeBSD Local Security Checks : FreeBSD Ports: gnupg

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57026

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: gnupg

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: gnupg

CVE-2006-3082
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,
allows remote attackers to cause a denial of service (gpg crash) and
possibly overwrite memory via a message packet with a large length,
which could lead to an integer overflow, as demonstrated using the

- -no-armor option.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-3082
BugTraq ID: 18554
http://www.securityfocus.com/bid/18554
Bugtraq: 20060629 rPSA-2006-0120-1 gnupg (Google Search)
http://www.securityfocus.com/archive/1/438751/100/0/threaded
Debian Security Information: DSA-1107 (Google Search)
http://www.debian.org/security/2006/dsa-1107
Debian Security Information: DSA-1115 (Google Search)
http://www.debian.org/security/2006/dsa-1115
http://seclists.org/lists/fulldisclosure/2006/May/0774.html
http://seclists.org/lists/fulldisclosure/2006/May/0782.html
http://seclists.org/lists/fulldisclosure/2006/May/0789.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:110
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.010.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10089
http://www.redhat.com/support/errata/RHSA-2006-0571.html
http://securitytracker.com/id?1016519
http://secunia.com/advisories/20783
http://secunia.com/advisories/20801
http://secunia.com/advisories/20811
http://secunia.com/advisories/20829
http://secunia.com/advisories/20881
http://secunia.com/advisories/20899
http://secunia.com/advisories/20968
http://secunia.com/advisories/21063
http://secunia.com/advisories/21135
http://secunia.com/advisories/21137
http://secunia.com/advisories/21143
http://secunia.com/advisories/21585
SGI Security Advisory: 20060701-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382
SuSE Security Announcement: SUSE-SR:2006:015 (Google Search)
http://www.novell.com/linux/security/advisories/2006_38_security.html
SuSE Security Announcement: SUSE-SR:2006:018 (Google Search)
http://www.novell.com/linux/security/advisories/2006_18_sr.html
https://usn.ubuntu.com/304-1/
http://www.vupen.com/english/advisories/2006/2450
XForce ISS Database: gnupg-parsepacket-bo(27245)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27245

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57026
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: gnupg
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: gnupg CVE-2006-3082 parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length, which could lead to an integer overflow, as demonstrated using the - -no-armor option. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3082 BugTraq ID: 18554 http://www.securityfocus.com/bid/18554 Bugtraq: 20060629 rPSA-2006-0120-1 gnupg (Google Search) http://www.securityfocus.com/archive/1/438751/100/0/threaded Debian Security Information: DSA-1107 (Google Search) http://www.debian.org/security/2006/dsa-1107 Debian Security Information: DSA-1115 (Google Search) http://www.debian.org/security/2006/dsa-1115 http://seclists.org/lists/fulldisclosure/2006/May/0774.html http://seclists.org/lists/fulldisclosure/2006/May/0782.html http://seclists.org/lists/fulldisclosure/2006/May/0789.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:110 http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.010.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10089 http://www.redhat.com/support/errata/RHSA-2006-0571.html http://securitytracker.com/id?1016519 http://secunia.com/advisories/20783 http://secunia.com/advisories/20801 http://secunia.com/advisories/20811 http://secunia.com/advisories/20829 http://secunia.com/advisories/20881 http://secunia.com/advisories/20899 http://secunia.com/advisories/20968 http://secunia.com/advisories/21063 http://secunia.com/advisories/21135 http://secunia.com/advisories/21137 http://secunia.com/advisories/21143 http://secunia.com/advisories/21585 SGI Security Advisory: 20060701-01-U ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382 SuSE Security Announcement: SUSE-SR:2006:015 (Google Search) http://www.novell.com/linux/security/advisories/2006_38_security.html SuSE Security Announcement: SUSE-SR:2006:018 (Google Search) http://www.novell.com/linux/security/advisories/2006_18_sr.html https://usn.ubuntu.com/304-1/ http://www.vupen.com/english/advisories/2006/2450 XForce ISS Database: gnupg-parsepacket-bo(27245) https://exchange.xforce.ibmcloud.com/vulnerabilities/27245
Copyright	Copyright (C) 2008 E-Soft Inc.