CVE-2006-3082
CVSS5.0
发布时间 :2006-06-19 14:02:00
修订时间 :2011-03-07 00:00:00
NMCOPS    

[原文]parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.


[CNNVD]GnuPG parse-packet.c 远程缓冲区溢出漏洞(CNNVD-200606-374)

        GnuPG (gpg) 1.4.3和1.9.20及之前版本中的parse-packet.c远程攻击者借助可能会导致整数溢出的具有大长度(长的用户ID字符串)的消息包,引起拒绝服务(gpg崩溃),比如使用--no-armor选项。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-189 [数值错误]

- CPE (受影响的平台与产品)

cpe:/a:gnupg:gnupg:1.4.3GnuPG (Privacy Guard) 1.4.3
cpe:/a:gnupg:gnupg:1.9.20GnuPG (Privacy Guard) 1.9.20

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10089parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and p...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3082
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200606-374
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/27245
(UNKNOWN)  XF  gnupg-parsepacket-bo(27245)
http://www.vupen.com/english/advisories/2006/2450
(VENDOR_ADVISORY)  VUPEN  ADV-2006-2450
http://www.ubuntulinux.org/support/documentation/usn/usn-304-1
(UNKNOWN)  UBUNTU  USN-304-1
http://www.securityfocus.com/bid/18554
(VENDOR_ADVISORY)  BID  18554
http://www.securityfocus.com/archive/1/archive/1/438751/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060629 rPSA-2006-0120-1 gnupg
http://www.redhat.com/support/errata/RHSA-2006-0571.html
(UNKNOWN)  REDHAT  RHSA-2006:0571
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.010.html
(UNKNOWN)  OPENPKG  OpenPKG-SA-2006.010
http://www.novell.com/linux/security/advisories/2006_38_security.html
(UNKNOWN)  SUSE  SUSE-SR:2006:015
http://www.novell.com/linux/security/advisories/2006_18_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:018
http://www.mandriva.com/security/advisories?name=MDKSA-2006:110
(UNKNOWN)  MANDRIVA  MDKSA-2006:110
http://www.debian.org/security/2006/dsa-1115
(UNKNOWN)  DEBIAN  DSA-1115
http://www.debian.org/security/2006/dsa-1107
(UNKNOWN)  DEBIAN  DSA-1107
http://support.avaya.com/elmodocs2/security/ASA-2006-167.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-167.htm
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382
(UNKNOWN)  SLACKWARE  SSA:2006-178-02
http://securitytracker.com/id?1016519
(UNKNOWN)  SECTRACK  1016519
http://secunia.com/advisories/21585
(VENDOR_ADVISORY)  SECUNIA  21585
http://secunia.com/advisories/21143
(VENDOR_ADVISORY)  SECUNIA  21143
http://secunia.com/advisories/21137
(VENDOR_ADVISORY)  SECUNIA  21137
http://secunia.com/advisories/21135
(VENDOR_ADVISORY)  SECUNIA  21135
http://secunia.com/advisories/21063
(VENDOR_ADVISORY)  SECUNIA  21063
http://secunia.com/advisories/20968
(VENDOR_ADVISORY)  SECUNIA  20968
http://secunia.com/advisories/20899
(VENDOR_ADVISORY)  SECUNIA  20899
http://secunia.com/advisories/20881
(VENDOR_ADVISORY)  SECUNIA  20881
http://secunia.com/advisories/20829
(VENDOR_ADVISORY)  SECUNIA  20829
http://secunia.com/advisories/20811
(VENDOR_ADVISORY)  SECUNIA  20811
http://secunia.com/advisories/20801
(VENDOR_ADVISORY)  SECUNIA  20801
http://secunia.com/advisories/20783
(VENDOR_ADVISORY)  SECUNIA  20783
http://seclists.org/lists/fulldisclosure/2006/May/0789.html
(UNKNOWN)  FULLDISC  20060601 Re: GnuPG fun
http://seclists.org/lists/fulldisclosure/2006/May/0782.html
(UNKNOWN)  FULLDISC  20060531 RE: GnuPG fun
http://seclists.org/lists/fulldisclosure/2006/May/0774.html
(UNKNOWN)  FULLDISC  20060531 GnuPG fun
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157
(UNKNOWN)  CONFIRM  http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
(UNKNOWN)  SGI  20060701-01-U

- 漏洞信息

GnuPG parse-packet.c 远程缓冲区溢出漏洞
中危 缓冲区溢出
2006-06-19 00:00:00 2006-07-17 00:00:00
远程  
        GnuPG (gpg) 1.4.3和1.9.20及之前版本中的parse-packet.c远程攻击者借助可能会导致整数溢出的具有大长度(长的用户ID字符串)的消息包,引起拒绝服务(gpg崩溃),比如使用--no-armor选项。

- 公告与补丁

        暂无数据

- 漏洞信息 (F48462)

Debian Linux Security Advisory 1115-1 (PacketStormID:F48462)
2006-07-24 00:00:00
Debian  debian.org
advisory,overflow
linux,debian
CVE-2006-3082
[点击下载]

Debian Security Advisory 1115-1 - Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID strings.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1115-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 21st, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gnupg2
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2006-3082

Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
PGP replacement contains an integer overflow that can cause a
segmentation fault and possibly overwrite memory via a large user ID
strings.

For the stable distribution (sarge) this problem has been fixed in
version 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.

For the unstable distribution (sid) this problem has been fixed in
version 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.

We recommend that you upgrade your gnupg package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.



Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.dsc
      Size/MD5 checksum:      854 d7f54b50b8c569566cfe0b865ec20323
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.diff.gz
      Size/MD5 checksum:  1859944 fbb56cbacfb82fb5666646bed3dd2944
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15.orig.tar.gz
      Size/MD5 checksum:  5454978 ee3885e2c74a9c1ae539d6f12091c30b

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_alpha.deb
      Size/MD5 checksum:   112318 e806b0cedb8ed0914e6e035d042acdd0
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_alpha.deb
      Size/MD5 checksum:   886212 1763f96899b22f286232871b9b085ed6
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_alpha.deb
      Size/MD5 checksum:   453430 6dfaaea879aa17fc0dd623889a983507

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_amd64.deb
      Size/MD5 checksum:    98464 cafa5d36dbcb21d795b6372c8293d6f8
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_amd64.deb
      Size/MD5 checksum:   774560 96bf1b958e560fe17d632c26c38d9efc
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_amd64.deb
      Size/MD5 checksum:   385700 4b2b4ddc50eaf51b5701d7d47e1c9b3c

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_arm.deb
      Size/MD5 checksum:    87318 d72f15b0cef0d127af34819d3ca5f14a
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_arm.deb
      Size/MD5 checksum:   712814 22e92a7324e81906493140954172d5bf
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_arm.deb
      Size/MD5 checksum:   339666 1d23cfebbe8e6c7396aeff77eb9c8820

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_i386.deb
      Size/MD5 checksum:    90042 0e930e3cdcb129f1a442299f4d0540e3
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_i386.deb
      Size/MD5 checksum:   731422 9a9f643a1dbc83c6b3f3dd9bfffe0a52
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_i386.deb
      Size/MD5 checksum:   351906 8282625e16ac625f67e38f39ff107652

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_ia64.deb
      Size/MD5 checksum:   130298 2eedf4cf8372007857433ca639524d9b
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_ia64.deb
      Size/MD5 checksum:  1026226 e782e4b34a5b92e8096d2654b2cc5a4c
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_ia64.deb
      Size/MD5 checksum:   539910 20467693f439c077a70084dc3a97013c

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_hppa.deb
      Size/MD5 checksum:   100568 8196f49a542cafff2df799dcf01aec82
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_hppa.deb
      Size/MD5 checksum:   794658 51ccc9c508247dd4f420f6cf6573aac2
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_hppa.deb
      Size/MD5 checksum:   393956 18059987ad743bf9af518acc89657417

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_m68k.deb
      Size/MD5 checksum:    82140 1fba5cdda78f5f5deca9627a85c04c57
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_m68k.deb
      Size/MD5 checksum:   669532 92a8750d7d53e87a6400dc0dbb3d09d6
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_m68k.deb
      Size/MD5 checksum:   311950 f1a33648d91e20d5b844f5c7f7da57a9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mips.deb
      Size/MD5 checksum:   100504 7d791fe14e51c77d2332f56a381cf271
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mips.deb
      Size/MD5 checksum:   788588 bdec126011eee7c8d8d72eca6cfdcdc4
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mips.deb
      Size/MD5 checksum:   395058 655dc54c72b2c0179d10c47b2f5860dd

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mipsel.deb
      Size/MD5 checksum:   100978 56b72587ce25c10b5dcc088a15909fe0
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mipsel.deb
      Size/MD5 checksum:   790238 e607d5e8afa7a8302f53445617d0c8b8
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mipsel.deb
      Size/MD5 checksum:   396254 470e2d93f2648e2cf6608324c1500d22

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_powerpc.deb
      Size/MD5 checksum:    95574 d69613b8feaec3e719a6d41e01c6bbb0
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_powerpc.deb
      Size/MD5 checksum:   769188 bb1d47b585a6ba73ec3ab5733c2bd9e5
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_powerpc.deb
      Size/MD5 checksum:   377318 62c7a186f295f33911233ecbe59df6b3

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_s390.deb
      Size/MD5 checksum:    98696 d105f1f4f8b7f622b2353e01bccf8f60
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_s390.deb
      Size/MD5 checksum:   766416 b697db437ddd9c6d66c18244b0730ef7
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_s390.deb
      Size/MD5 checksum:   384736 956245edec30fd206a7e63f58139937b

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_sparc.deb
      Size/MD5 checksum:    89540 cbcc2a2dcc603baf6632446fcee75f6a
    http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_sparc.deb
      Size/MD5 checksum:   720868 97a6fd87caaf94c0d1ff3eb87f35b7cf
    http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_sparc.deb
      Size/MD5 checksum:   345146 51a1a825f01eff2085b2fddaa4394432



  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEwKOpW5ql+IAeqTIRAiLTAJ0a8FOKbD3hcaex0+g+Gp4Vuii6wQCfT5xu
gOIIm+WxL58JENjuO0Jy2nU=
=ug37
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F48170)

Debian Linux Security Advisory 1107-1 (PacketStormID:F48170)
2006-07-12 00:00:00
Debian  debian.org
advisory,overflow
linux,debian
CVE-2006-3082
[点击下载]

Debian Security Advisory 1107-1 - Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID strings.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1107-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 10th, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gnupg
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2006-3082

Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
PGP replacement contains an integer overflow that can cause a
segmentation fault and possibly overwrite memory via a large user ID
strings.

For the old stable distribution (woody) this problem has been fixed in
version 1.0.6-4woody6.

For the stable distribution (sarge) this problem has been fixed in
version 1.4.1-1.sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 1.4.3-2.

We recommend that you upgrade your gnupg package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.dsc
      Size/MD5 checksum:      577 40a60f7ff8a7c36e4ffb308caa350e70
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.diff.gz
      Size/MD5 checksum:     8597 add04b0a8c391de7134cca7c943d15d9
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6.orig.tar.gz
      Size/MD5 checksum:  1941676 7c319a9e5e70ad9bc3bf0d7b5008a508

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_alpha.deb
      Size/MD5 checksum:  1151184 3c46ca0e7a42f819619ba2a021a38eb9

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_arm.deb
      Size/MD5 checksum:   987554 843109424859d6a1006898419d6d642e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_i386.deb
      Size/MD5 checksum:   966904 8ffd681040a2d466389f058e25ae29ae

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_ia64.deb
      Size/MD5 checksum:  1272488 5dcf85dd73bd2015438fd995a16762e5

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_hppa.deb
      Size/MD5 checksum:  1060316 22496f4150fd2334f7504deff0c474a1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_m68k.deb
      Size/MD5 checksum:   942994 bc7eede5abdcbe721ff81a5e242ebfb6

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mips.deb
      Size/MD5 checksum:  1036510 5e5824568a6a4b50851513c27db5a139

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mipsel.deb
      Size/MD5 checksum:  1036966 792c1f9b0f61349001a789b08bf862d8

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_powerpc.deb
      Size/MD5 checksum:  1010208 6f1b3a058b7afab16a35ccba4d6b107e

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_s390.deb
      Size/MD5 checksum:  1002808 80b5ca38f239a23c8e2119b39966279b

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_sparc.deb
      Size/MD5 checksum:  1003856 aa89804a111cdbede9845a8eb179f9d2


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.dsc
      Size/MD5 checksum:      680 006a79b9793ba193aa227850c11984dd
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.diff.gz
      Size/MD5 checksum:    20197 488b0289778532beb0608b8dca7982a7
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
      Size/MD5 checksum:  4059170 1cc77c6943baaa711222e954bbd785e5

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_alpha.deb
      Size/MD5 checksum:  2155794 cb1d024d2cae8c132bafe3422a2d1b3e

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_amd64.deb
      Size/MD5 checksum:  1963478 d0d3432b4b5968d2f837414b4202afe9

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_arm.deb
      Size/MD5 checksum:  1899338 b670611700f39489ea99517eb50678a9

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_i386.deb
      Size/MD5 checksum:  1908580 0f8623e8b3a59e9c8101fa2f7c23f576

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_ia64.deb
      Size/MD5 checksum:  2325178 fb8ba4735f0769f7c21e974321bd7c89

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_hppa.deb
      Size/MD5 checksum:  2003982 14149a1cee79407a1f99e5ae340dd501

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_m68k.deb
      Size/MD5 checksum:  1811020 dc751374cc6f994782e7de9ed5fd77ea

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mips.deb
      Size/MD5 checksum:  2000688 0d44abe0cc416c06d63699a6c77b232d

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mipsel.deb
      Size/MD5 checksum:  2007524 e59ad95cf552d2a4cb31a11b4db50147

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_powerpc.deb
      Size/MD5 checksum:  1957934 62443926a7a4fe049e62a8515a0ecb27

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_s390.deb
      Size/MD5 checksum:  1967012 a6b8d7173799fc57e46456a305f97d78

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_sparc.deb
      Size/MD5 checksum:  1897410 6f793e910bb6a793c96c875059626914


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEsk6lW5ql+IAeqTIRAtZ/AKCDGDZiFFPEC9Ur6q1Scb/NBXS6SACgj+Qb
2u+tl5LGg3pSDwiDgpZ/QpI=
=OGgG
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F47790)

Ubuntu Security Notice 304-1 (PacketStormID:F47790)
2006-06-27 00:00:00
Ubuntu  ubuntu.com
advisory,remote,overflow,arbitrary
linux,ubuntu
CVE-2006-3082
[点击下载]

Ubuntu Security Notice 304-1 - Evgeny Legerov discovered that GnuPG did not sufficiently check overly large user ID packets. Specially crafted user IDs caused a buffer overflow. By tricking an user or remote automated system into processing a malicious GnuPG message, an attacker could exploit this to crash GnuPG or possibly even execute arbitrary code.

=========================================================== 
Ubuntu Security Notice USN-304-1              June 26, 2006
gnupg vulnerability
CVE-2006-3082
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  gnupg                          1.2.5-3ubuntu5.4

Ubuntu 5.10:
  gnupg                          1.4.1-1ubuntu1.3

Ubuntu 6.06 LTS:
  gnupg                          1.4.2.2-1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Evgeny Legerov discovered that GnuPG did not sufficiently check overly
large user ID packets. Specially crafted user IDs caused a buffer
overflow. By tricking an user or remote automated system into
processing a malicous GnuPG message, an attacker could exploit this to
crash GnuPG or possibly even execute arbitrary code.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.4.diff.gz
      Size/MD5:    66657 258c3a5166f20a0859a3137a0154e661
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.4.dsc
      Size/MD5:      654 7d0e00dfc3d9c8008fa863ad082a8244
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5.orig.tar.gz
      Size/MD5:  3645308 9109ff94f7a502acd915a6e61d28d98a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.4_amd64.deb
      Size/MD5:   805972 eb80d914280ca0d14e518c2517303fca
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.4_amd64.udeb
      Size/MD5:   146410 b1fe302ef21bb1b2a861dca1648671c8

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.4_i386.deb
      Size/MD5:   750660 f7799aacd286de91cf1590d47f092fbf
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.4_i386.udeb
      Size/MD5:   121398 d3908ec7b4a400c372a887ffff90cd5c

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.2.5-3ubuntu5.4_powerpc.deb
      Size/MD5:   806578 76656bbbce1e59dee14a07c4d06c9169
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.2.5-3ubuntu5.4_powerpc.udeb
      Size/MD5:   135516 57192001042e37f1597cbe8d4cc96397

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3.diff.gz
      Size/MD5:    21031 d2e00314a6319c80e40af374299b3cdb
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3.dsc
      Size/MD5:      684 65b8ffc1c7f51d2920496eddadfb1236
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
      Size/MD5:  4059170 1cc77c6943baaa711222e954bbd785e5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3_amd64.deb
      Size/MD5:  1136302 5b871cea504e1b520ac61ee0ace19452
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.3_amd64.udeb
      Size/MD5:   152178 97622cf5abc3f4923281d08536f816c0

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3_i386.deb
      Size/MD5:  1044392 30c94fae4dbc994eed85d226b226a938
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.3_i386.udeb
      Size/MD5:   130644 216ff1f2393a2dd5bf5c814a5f33ae9f

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3_powerpc.deb
      Size/MD5:  1119498 67ad3b4a3254334e85bd659e24a65bea
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.3_powerpc.udeb
      Size/MD5:   140162 38a01b4e3f447f6cd340d6d17b714180

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.3_sparc.deb
      Size/MD5:  1064176 4e4e2671d46f266792d6693208bd5b34
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.3_sparc.udeb
      Size/MD5:   139584 9d840a2108b3d999e8b0ad620a262f69

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1.diff.gz
      Size/MD5:    19943 a04a4bdf67d9e86d15c8b89312b455e5
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1.dsc
      Size/MD5:      692 90847403acb4d359f8b75ad345985b9d
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2.orig.tar.gz
      Size/MD5:  4222685 50d8fd9c5715ff78b7db0e5f20d08550

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1_amd64.deb
      Size/MD5:  1066042 bb06afba5075ee71763b6391959cd074
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.1_amd64.udeb
      Size/MD5:   140274 3bfce59e90c5d356c743e0f7612ad2a6

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1_i386.deb
      Size/MD5:   980840 4c677c20e0684b1271cc6606ab17a923
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.1_i386.udeb
      Size/MD5:   120298 cb027ca2dac06902a764a40ca2f02fe4

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1_powerpc.deb
      Size/MD5:  1053332 20b7f093e43c9b8ea71c4860d4d312ae
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.1_powerpc.udeb
      Size/MD5:   130084 5035c386a599e112167cefd04964c911

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.1_sparc.deb
      Size/MD5:   993688 3aaaa181b7a003539bda014a71296b72
    http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.1_sparc.udeb
      Size/MD5:   127372 0f86bc1b29af92d85382e4d7bee4129d

    

- 漏洞信息 (F47747)

Mandriva Linux Security Advisory 2006.110 (PacketStormID:F47747)
2006-06-27 00:00:00
Mandriva  mandriva.com
advisory,remote
linux,mandriva
CVE-2006-3082
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-110 - A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier) that could allow a remote attacker to cause gpg to crash and possibly overwrite memory via a message packet with a large length.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:110
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : gnupg
 Date    : June 20, 2006
 Affected: 10.2, 2006.0, Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier)
 that could allow a remote attacker to cause gpg to crash and possibly
 overwrite memory via a message packet with a large length.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.2:
 d3a12d93b7bbe542458348cc51dcead8  10.2/RPMS/gnupg-1.4.2.2-0.2.102mdk.i586.rpm
 731dc939288445076650464d2e00ac87  10.2/SRPMS/gnupg-1.4.2.2-0.2.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 0e39c1d095a27e35a6e8f76899e27628  x86_64/10.2/RPMS/gnupg-1.4.2.2-0.2.102mdk.x86_64.rpm
 731dc939288445076650464d2e00ac87  x86_64/10.2/SRPMS/gnupg-1.4.2.2-0.2.102mdk.src.rpm

 Mandriva Linux 2006.0:
 a58b87cc4962c958d2b5ab8ce6ff2af0  2006.0/RPMS/gnupg-1.4.2.2-0.2.20060mdk.i586.rpm
 629ccc307a6b0ba7a6b20e4e0c293594  2006.0/RPMS/gnupg2-1.9.16-4.1.20060mdk.i586.rpm
 c4e6a135b2a74c3b753636fdb7459183  2006.0/SRPMS/gnupg-1.4.2.2-0.2.20060mdk.src.rpm
 f81f714630d5ea3516f619e532bdf407  2006.0/SRPMS/gnupg2-1.9.16-4.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 600e6b7de637676c066f716ad8927acc  x86_64/2006.0/RPMS/gnupg-1.4.2.2-0.2.20060mdk.x86_64.rpm
 947ef9f61b86dc0e53b926545da1dc5c  x86_64/2006.0/RPMS/gnupg2-1.9.16-4.1.20060mdk.x86_64.rpm
 c4e6a135b2a74c3b753636fdb7459183  x86_64/2006.0/SRPMS/gnupg-1.4.2.2-0.2.20060mdk.src.rpm
 f81f714630d5ea3516f619e532bdf407  x86_64/2006.0/SRPMS/gnupg2-1.9.16-4.1.20060mdk.src.rpm

 Corporate 3.0:
 b6749396abd547f862babb262b20a6a0  corporate/3.0/RPMS/gnupg-1.4.2.2-0.2.C30mdk.i586.rpm
 d1562a6ce6f3f1e995cbceb39e4d4760  corporate/3.0/SRPMS/gnupg-1.4.2.2-0.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 d5d73bc8f01dab03beba0b305d5d1ecb  x86_64/corporate/3.0/RPMS/gnupg-1.4.2.2-0.2.C30mdk.x86_64.rpm
 d1562a6ce6f3f1e995cbceb39e4d4760  x86_64/corporate/3.0/SRPMS/gnupg-1.4.2.2-0.2.C30mdk.src.rpm

 Multi Network Firewall 2.0:
 610a0a00957c503172904a054cc98a2a  mnf/2.0/RPMS/gnupg-1.4.2.2-0.2.M20mdk.i586.rpm
 3291b35f3c2c2fdafc42d8fc8f7062da  mnf/2.0/SRPMS/gnupg-1.4.2.2-0.2.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEmHEJmqjQ0CJFipgRAtVCAKCyVLFVCZTrQGcpPAQYz6c3iZEjPgCgqpX0
GuOteS9filZcv68pum5+BeU=
=ywCK
-----END PGP SIGNATURE-----

    

- 漏洞信息

26770
GnuPG parse-packet.c Large Packet Length DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-05-31 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GnuPG Parse_User_ID Remote Buffer Overflow Vulnerability
Boundary Condition Error 18554
Yes No
2006-06-20 12:00:00 2007-03-19 11:04:00
Evgeny Legerov discovered this issue.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise SDK 10
SuSE SUSE Linux Enterprise Desktop 10
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
SGI ProPack 3.0 SP6
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SuSE Linux Open-Xchange 4.1
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Office Server
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Office Server
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Database Server 0
S.u.S.E. Linux Connectivity Server
rPath rPath Linux 1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core6
Red Hat Fedora Core5
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG 2.2
OpenPKG OpenPKG Current
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU GNU Privacy Guard 1.9.20
GNU GNU Privacy Guard 1.9.15
GNU GNU Privacy Guard 1.4.3
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Avaya S8710 R2.0.1
Avaya S8710 R2.0.0
Avaya S8700 R2.0.1
Avaya S8700 R2.0.0
Avaya S8500 R2.0.1
Avaya S8500 R2.0.0
Avaya S8300 R2.0.1
Avaya S8300 R2.0.0
Avaya Messaging Storage Server
Avaya Message Networking
Avaya Intuity LX
Avaya Converged Communications Server 2.0
GNU GNU Privacy Guard 1.4.4

- 不受影响的程序版本

GNU GNU Privacy Guard 1.4.4

- 漏洞讨论

GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

GnuPG versions 1.4.3 and 1.9.20 are vulnerable to this issue; previous versions may also be affected.

- 漏洞利用

The following Perl command demonstrates this issue by crashing the affected application:

perl -e 'print "\xcd\xff\xff\xff\xff\xfe"'| /var/gnupg/bin/gpg --no-armor

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

The vendor has released version 1.4.4 of GNUPG to address this issue.

Please see the referenced advisories for information on obtaining and applying fixes.


GNU GNU Privacy Guard 1.9.15

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站