CVSS: 5.0EPSS: 1%CPEs: 64EXPL: 0CVE-2014-4617
https://notcve.org/view.php?id=CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. La función do_uncompress en g10/compress.c en GnuPG 1.x anterior a 1.4.17 y 2.x anterior a 2.0.24 permite a atacantes dependientes de contexto causar una denegación de servicio (bucle infinito) a través de paquetes comprimidos malformados, tal y como fue demostrado por una secuencia de bytes a3 01 5b ff. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=014b2103fcb12f261135e3954f26e9e07b39e342 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=11fdfcf82bd8d2b5bc38292a29876e10770f4b0a http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html http://lists.opensuse.org/opensuse-updates/2014-07/msg00010.html http://secunia.com/advisories/59213 http://secunia.com/advisories/59351 http://secunia.com/ad • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 3CVE-2014-1927
https://notcve.org/view.php?id=CVE-2014-1927
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323. La función shell_quote en python-gnupg 0.3.5 no cita debidamente cadenas, lo que permite a atacantes dependientes de contexto ejecutar código arbitrario a través de metacaracteres de shell en vectores no especificados, tal y como fue demostrado mediante el uso de secuencias de sustitución de comandos '$(', una vulnerabilidad diferente a CVE-2014-1928. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2013-7323. • http://seclists.org/oss-sec/2014/q1/245 http://seclists.org/oss-sec/2014/q1/294 http://secunia.com/advisories/56616 http://secunia.com/advisories/59031 http://www.debian.org/security/2014/dsa-2946 https://code.google.com/p/python-gnupg https://code.google.com/p/python-gnupg/issues/detail?id=98 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2014-1929
https://notcve.org/view.php?id=CVE-2014-1929
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323. python-gnupg 0.3.5 y 0.3.6 permite a atacantes dependientes de contexto tener un impacto no especificado a través de vectores relacionados con 'la inyección de opciones mediante argumentos posicionales.' NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2013-7323. • http://seclists.org/oss-sec/2014/q1/245 http://seclists.org/oss-sec/2014/q1/335 http://secunia.com/advisories/59031 http://www.debian.org/security/2014/dsa-2946 • CWE-20: Improper Input Validation •
CVSS: 2.9EPSS: 0%CPEs: 43EXPL: 0CVE-2013-4576 – gnupg: RSA secret key recovery via acoustic cryptanalysis
https://notcve.org/view.php?id=CVE-2013-4576
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE. GnuPG 1.x anteriores a 1.4.16 genera claves RSA utilizando secuencias de introducciones con ciertos patrones que introducen un ataque de canal lateral, lo cual permite a atacantes físicamente próximos extraer claves RSA a través de un ataque de texto cifrado elegido y criptoanálisis acústico durante el descifrado. • http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html http://osvdb.org/101170 http://rhn.redhat.com/errata/RHSA-2014-0016.html http://seclists.org/oss-sec/2013/q4/520 http://seclists.org/oss-sec/2013/q4/523 http://www.cs.tau.ac.il/~tromer/acoustic http://www.debian.org/security/2013/dsa-2821 http://www.securityfocus.com/bid/64424 http://www.securitytracker.com/id/1029513 http://www.tau.ac.il/~tromer/papers/acoustic-20131218.pdf ht • CWE-255: Credentials Management Errors •
CVSS: 1.9EPSS: 0%CPEs: 96EXPL: 0CVE-2013-4242 – GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack
https://notcve.org/view.php?id=CVE-2013-4242
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. GnuPG anterior a 1.4.14, y Libgcrypt anterior a 1.5.3 usado en GnuPG 2.0.x y posiblemente otros productos, permite a usuarios locales obtener las claves RSA privadas a través de un ataque "side-channel" que involucra la caché L3. Aka Flush+Reload. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717880 http://eprint.iacr.org/2013/448 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-1457.html http://secunia.com/advisories/54318 http://secunia.com/advisories/54321 http://secunia.com/advisories/54332 http://secunia.com/advisories/54375 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •