CVE-2006-0455
CVSS4.6
发布时间 :2006-02-15 17:06:00
修订时间 :2016-10-17 23:38:56
NMCOS    

[原文]gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".


[CNNVD]GnuPG 验证绕过漏洞(CNNVD-200602-203)

        GnuPG 1.4.2.1版之前的gpgv在使用自动签名验证时会在特定情况下(即使分离签名文件没有包含签名)返回0退出代码,从而使使用gpgv的程序认为已顺利完成签名验证。注意:当运行类似的命令"gpg --verify"时也会出现这种情况。

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:gnu:privacy_guard:1.4GNU GNU Privacy Guard 1.4
cpe:/a:gnu:privacy_guard:1.2GNU GNU Privacy Guard 1.2
cpe:/a:gnu:privacy_guard:1.2.2:rc1
cpe:/a:gnu:privacy_guard:1.2.7GNU GNU Privacy Guard 1.2.7
cpe:/a:gnu:privacy_guard:1.2.6GNU GNU Privacy Guard 1.2.6
cpe:/a:gnu:privacy_guard:1.0.7GNU GNU Privacy Guard 1.0.7
cpe:/a:gnu:privacy_guard:1.2.5GNU GNU Privacy Guard 1.2.5
cpe:/a:gnu:privacy_guard:1.3.4GNU GNU Privacy Guard 1.3.4
cpe:/a:gnu:privacy_guard:1.0.6GNU GNU Privacy Guard 1.0.6
cpe:/a:gnu:privacy_guard:1.2.4GNU GNU Privacy Guard 1.2.4
cpe:/a:gnu:privacy_guard:1.3.3GNU GNU Privacy Guard 1.3.3
cpe:/a:gnu:privacy_guard:1.4.2GNU GNU Privacy Guard 1.4.2
cpe:/a:gnu:privacy_guard:1.0GNU GNU Privacy Guard 1.0
cpe:/a:gnu:privacy_guard:1.0.5GNU GNU Privacy Guard 1.0.5
cpe:/a:gnu:privacy_guard:1.2.3GNU GNU Privacy Guard 1.2.3
cpe:/a:gnu:privacy_guard:1.4.1GNU GNU Privacy Guard 1.4.1
cpe:/a:gnu:privacy_guard:1.0.4GNU GNU Privacy Guard 1.0.4
cpe:/a:gnu:privacy_guard:1.2.2GNU GNU Privacy Guard 1.2.2
cpe:/a:gnu:privacy_guard:1.0.3GNU GNU Privacy Guard 1.0.3
cpe:/a:gnu:privacy_guard:1.2.1GNU GNU Privacy Guard 1.2.1
cpe:/a:gnu:privacy_guard:1.0.2GNU GNU Privacy Guard 1.0.2
cpe:/a:gnu:privacy_guard:1.0.1GNU GNU Privacy Guard 1.0.1
cpe:/a:gnu:privacy_guard:1.0.3b

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10084gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached si...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0455
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0455
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200602-203
(官方数据源) CNNVD

- 其它链接及资源

ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
(UNKNOWN)  SGI  20060401-01-U
http://fedoranews.org/updates/FEDORA-2006-116.shtml
(UNKNOWN)  FEDORA  FEDORA-2006-116
http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html
(UNKNOWN)  MLIST  [gnupg-announce] 20060215 False positive signature verification in GnuPG
http://marc.info/?l=gnupg-devel&m=113999098729114&w=2
(UNKNOWN)  MLIST  [gnupg-devel] 20060215 [Announce] False positive signature verification in GnuPG
http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200602-10
http://www.mandriva.com/security/advisories?name=MDKSA-2006:043
(UNKNOWN)  MANDRIVA  MDKSA-2006:043
http://www.novell.com/linux/security/advisories/2006_05_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:005
http://www.novell.com/linux/security/advisories/2006_09_gpg.html
(VENDOR_ADVISORY)  SUSE  SUSE-SA:2006:009
http://www.novell.com/linux/security/advisories/2006_13_gpg.html
(UNKNOWN)  SUSE  SUSE-SA:2006:013
http://www.openpkg.org/security/OpenPKG-SA-2006.001-gnupg.html
(VENDOR_ADVISORY)  OPENPKG  OpenPKG-SA-2006.001
http://www.redhat.com/support/errata/RHSA-2006-0266.html
(UNKNOWN)  REDHAT  RHSA-2006:0266
http://www.securityfocus.com/archive/1/archive/1/425289/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060215 False positive signature verification in GnuPG
http://www.securityfocus.com/archive/1/archive/1/433931/100/0/threaded
(UNKNOWN)  FEDORA  FLSA-2006:185355
http://www.securityfocus.com/bid/16663
(PATCH)  BID  16663
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.476477
(PATCH)  SLACKWARE  SSA:2006-072-02
http://www.trustix.org/errata/2006/0008
(UNKNOWN)  TRUSTIX  2006-0008
http://www.ubuntu.com/usn/usn-252-1
(UNKNOWN)  UBUNTU  USN-252-1
http://www.us.debian.org/security/2006/dsa-978
(VENDOR_ADVISORY)  DEBIAN  DSA-978
http://www.vupen.com/english/advisories/2006/0610
(VENDOR_ADVISORY)  VUPEN  ADV-2006-0610
http://xforce.iss.net/xforce/xfdb/24744
(UNKNOWN)  XF  gnupg-gpgv-improper-verification(24744)

- 漏洞信息

GnuPG 验证绕过漏洞
中危 设计错误
2006-02-15 00:00:00 2007-02-07 00:00:00
本地  
        GnuPG 1.4.2.1版之前的gpgv在使用自动签名验证时会在特定情况下(即使分离签名文件没有包含签名)返回0退出代码,从而使使用gpgv的程序认为已顺利完成签名验证。注意:当运行类似的命令"gpg --verify"时也会出现这种情况。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        GNU GNU Privacy Guard 1.0
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0 .6
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0.1
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0.2
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0.3
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0.4
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU finger 1.0.7
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.0.7
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        Mandriva gnupg-1.0.7-3.4.C21mdk.i586.rpm
        Corporate Server 2.1:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.0.7-3.4.C21mdk.src.rpm
        Corporate Server 2.1:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.0.7-3.4.C21mdk.x86_64.rpm
        Corporate Server 2.1:
        http://www.mandriva.com/en/download
        GNU GNU Privacy Guard 1.2.1
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.2.2 -rc1
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.2.2 -r1
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.2.3
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.2.4
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        Mandriva gnupg-1.2.4-1.2.101mdk.i586.rpm
        Mandriva Linux 10.1:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.2.4-1.2.101mdk.src.rpm
        Mandriva Linux 10.1:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.2.4-1.2.101mdk.x86_64.rpm
        Mandriva Linux 10.1:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.2.4-1.2.C30mdk.i586.rpm
        Corporate 3.0:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.2.4-1.2.C30mdk.src.rpm
        Corporate 3.0:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.2.4-1.2.C30mdk.x86_64.rpm
        Corporate 3.0:
        http://www.mandriva.com/en/download
        Ubuntu gnupg_1.2.4-4ubuntu2.2_amd64.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubunt u2.2_amd64.deb
        Ubuntu gnupg_1.2.4-4ubuntu2.2_i386.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubunt u2.2_i386.deb
        Ubuntu gnupg_1.2.4-4ubuntu2.2_powerpc.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.4-4ubunt u2.2_powerpc.deb
        GNU GNU Privacy Guard 1.2.6
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        Trustix gnupg-1.4.2.1-1tr.i586.rpm
        TSL 3.0
        ftp://ftp.trustix.org/pub/trustix/updates
        Trustix gnupg-utils-1.4.2.1-1tr.i586.rpm
        TSL 3.0
        ftp://ftp.trustix.org/pub/trustix/updates
        GNU GNU Privacy Guard 1.3.3
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.3.4
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        GNU GNU Privacy Guard 1.4
        GNU gnupg-1.4.2.1.tar.bz2
        ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.1.tar.bz2
        Mandriva gnupg-1.4.0-4.1.102mdk.i586.rpm
        Mandriva Linux 10.2:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.4.0-4.1.102mdk.src.rpm
        Mandriva Linux 10.2:
        http://www.mandriva.com/en/download
        Mandriva gnupg-1.4.0-4.1.102mdk.x86_64.rpm
        Mandriva Linux 10.2:
        http://www.mandriva.com/en/download
        GNU GNU Privacy Guard 1.4.1
        Debian gnupg_1.4.1-1sarge1_alpha.deb
        Debian GNU/Linux 3.1 alias sarge
        http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarg e1_alpha.deb
        Debian gnupg_1.4.1-1sarge1_amd64.deb
        Debian GNU/Linux 3.1 alias sarge

- 漏洞信息

23221
GnuPG gpgv Detached Signature Verification Failure

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-02-15 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.4.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GnuPG Detached Signature Verification Bypass Vulnerability
Design Error 16663
Yes Yes
2006-02-15 12:00:00 2006-12-22 12:04:00
taviso from the Gentoo project discovered this issue and reported it to the vendor.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SGI ProPack 3.0 SP6
S.u.S.E. UnitedLinux 1.0
S.u.S.E. tomboy 10.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. liferea 10.0
S.u.S.E. blam 10.0
S.u.S.E. blam 9.3
S.u.S.E. beagle 10.0
S.u.S.E. beagle 9.3
S.u.S.E. banshee 10.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG Current
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
GNU PG 1.2.6
GNU GNU Privacy Guard 1.4.2
GNU GNU Privacy Guard 1.4.1
GNU GNU Privacy Guard 1.4
GNU GNU Privacy Guard 1.3.4
GNU GNU Privacy Guard 1.3.3
GNU GNU Privacy Guard 1.2.7
GNU GNU Privacy Guard 1.2.6
GNU GNU Privacy Guard 1.2.5
GNU GNU Privacy Guard 1.2.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU GNU Privacy Guard 1.2.3
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.2
+ Turbolinux Turbolinux Desktop 10.0
GNU GNU Privacy Guard 1.2.2 -rc1
+ S.u.S.E. Linux Personal 8.2
GNU GNU Privacy Guard 1.2.2 -r1
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
GNU GNU Privacy Guard 1.2.2
GNU GNU Privacy Guard 1.2.1
+ Conectiva Linux 9.0
+ OpenPKG OpenPKG 1.2
+ RedHat Linux 9.0 i386
+ Terra Soft Solutions Yellow Dog Linux 3.0
GNU GNU Privacy Guard 1.2
GNU GNU Privacy Guard 1.0.7
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ MandrakeSoft apcupsd 2006.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ OpenPKG OpenPKG 1.1
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 8.0 i386
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux Advanced Work Station 2.1
+ Sun Linux 5.0.5
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 6.5
+ Turbolinux Turbolinux Server 6.1
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
+ Turbolinux Turbolinux Workstation 6.0
GNU GNU Privacy Guard 1.0.6
GNU GNU Privacy Guard 1.0.5
GNU GNU Privacy Guard 1.0.4
- Turbolinux Turbolinux 6.0.5
- Turbolinux Turbolinux Server 6.5
- Turbolinux Turbolinux Workstation 6.1
GNU GNU Privacy Guard 1.0.3 b
GNU GNU Privacy Guard 1.0.3
GNU GNU Privacy Guard 1.0.2
GNU GNU Privacy Guard 1.0.1
GNU GNU Privacy Guard 1.0 .6
- MandrakeSoft Corporate Server 1.0.1
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
GNU GNU Privacy Guard 1.0
GNU finger 1.0.7
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
GNU GNU Privacy Guard 1.4.2 .1

- 不受影响的程序版本

GNU GNU Privacy Guard 1.4.2 .1

- 漏洞讨论

GnuPG is affected by a detached signature verification-bypass vulnerability because it fails to properly notify scripts that an invalid detached signature was presented and that the verification process has failed.

Exploiting this issue allows attackers to bypass the signature-verification process used in some automated scripts. Depending on the use of GnuPG, this may result in a false sense of security, the installation of malicious packages, the execution of attacker-supplied code, or other attacks.

- 漏洞利用

An exploit is not required.

An example demonstrating this issue was provided:

fortune >x.txt
perl -e 'print "\xca"x"64"' >x.txt.sig
gpgv x.txt.sig x.txt
echo $?

This creates a file as well as an obviously invalid detached signature file. The file is then successfully validated by 'gpgv', since the exit status is '0'.

- 解决方案

Please see the referenced vendor advisories for more information and fixes.


GNU GNU Privacy Guard 1.0

GNU GNU Privacy Guard 1.0 .6

GNU GNU Privacy Guard 1.0.1

GNU GNU Privacy Guard 1.0.2

GNU GNU Privacy Guard 1.0.3

GNU GNU Privacy Guard 1.0.4

GNU finger 1.0.7

GNU GNU Privacy Guard 1.0.7

GNU GNU Privacy Guard 1.2.1

GNU GNU Privacy Guard 1.2.2 -rc1

GNU GNU Privacy Guard 1.2.2 -r1

GNU GNU Privacy Guard 1.2.3

GNU GNU Privacy Guard 1.2.4

GNU GNU Privacy Guard 1.2.6

GNU GNU Privacy Guard 1.3.3

GNU GNU Privacy Guard 1.3.4

GNU GNU Privacy Guard 1.4

GNU GNU Privacy Guard 1.4.1

S.u.S.E. Linux Professional 10.0

S.u.S.E. Linux Professional 9.1

S.u.S.E. Linux Professional 9.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站