 |
Inicial ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles Site
Analyzer ▼
Inicial
Análisis Avanzado
Análisis Estándar
Análisis Básico
Resumen de Precios/Funciones
Ordenar
Preguntas Frecuentes
Ejecutar Análisis Reportes Ver Cola Recordatorio | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.702601 |
| Categoría: | Debian Local Security Checks |
| Título: | Debian Security Advisory DSA 2601-1 (gnupg, gnupg2 - missing input sanitation) |
| Resumen: | KB Sriram discovered that GnuPG, the GNU Privacy Guard did not;sufficiently sanitise public keys on import, which could lead to;memory and keyring corruption.;;The problem affects both version 1, in the gnupg package, and;version two, in the gnupg2;package. |
| Descripción: | Summary: KB Sriram discovered that GnuPG, the GNU Privacy Guard did not sufficiently sanitise public keys on import, which could lead to memory and keyring corruption. The problem affects both version 1, in the gnupg package, and version two, in the gnupg2 package. Affected Software/OS: gnupg, gnupg2 on Debian Linux Solution: For the stable distribution (squeeze), this problem has been fixed in version 1.4.10-4+squeeze1 of gnupg and version 2.0.14-2+squeeze1 of gnupg2. For the testing distribution (wheezy) and unstable distribution (sid), this problem has been fixed in version 1.4.12-7 of gnupg and version 2.0.19-2 of gnupg2. We recommend that you upgrade your gnupg and/or gnupg2 packages. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-6085 BugTraq ID: 57102 http://www.securityfocus.com/bid/57102 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095513.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095516.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:001 https://bugzilla.redhat.com/show_bug.cgi?id=891142 http://www.openwall.com/lists/oss-security/2013/01/01/6 RedHat Security Advisories: RHSA-2013:1459 http://rhn.redhat.com/errata/RHSA-2013-1459.html http://www.ubuntu.com/usn/USN-1682-1 XForce ISS Database: gnupg-public-keys-code-exec(80990) https://exchange.xforce.ibmcloud.com/vulnerabilities/80990 |
| Copyright | Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net |
| Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |