Page 4 of 20 results (0.007 seconds)

CVSS: 5.8EPSS: 4%CPEs: 27EXPL: 1

The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. La función "read_block" en g10/import.c en GnuPG v1.4.x anterior a v1.4.13 y v2.0.x a la v2.0.19, cuando se importa una clave, permite a atacantes remotos corromper la base de datos del anillo de claves publicas (caída de la aplicación) o causar una denegación de servicio a través de la modificación de a longitud de campo de un paquete OpenPGP. • http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commitdiff%3Bh=f0b33b6fb8e0586e9584a7a409dcc31263776a67 http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095513.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095516.html http://rhn.redhat.com/errata/RHSA-2013-1459.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:001 http://www.openwall.com/lists/oss-security/2013/01/01/6 http://www.securityfocus.com/bid/57102 http://www.u • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 30%CPEs: 2EXPL: 1

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection. GnuPG 1.4.6 y anteriores y GPGME anterior a 1.1.4, al ser ejecutado desde la línea de comandos, no distingue visualmente trozos firmados de no firmados en mensajes OpenPGP con múltiples componentes, lo cual podría permitir a atacantes remotos falsificar el contenido de un mensaje sin ser detectado. • https://www.exploit-db.com/exploits/29689 ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://fedoranews.org/cms/node/2775 http://fedoranews.org/cms/node/2776 http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html http://secunia.com/advisories/24365 http://secunia.com/advisories/24407 http://secunia.com/advisories/24419 http://secunia.com/advisories/24420 http •

CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0

Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable_string function to return a longer string than expected while constructing a prompt. Desbordamiento de búfer basado en montículo en la función ask_outfile_name en el openfile.c para GnuPG (gpg) 1.4 y 2.0, cuando se está ejecutando interactivamente, podría permitir a atacantes remotos ejecutar código de su elección mediante mensajes con expansiones "C-escape", que provocan que la función make_printable_string devuelva una cadena más larga de lo esperado mientras construye un aviso. • ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html http://secunia.com/advisories/23094 http://secunia.com/advisories/23110 http://secunia.com/advisories/23146 http://secunia.com/advisories/23161 http://secunia.com/advisories/23171 http://secunia.com/advisories/23250 http://secunia.com/advisories/23269 http://secunia. •

CVSS: 5.0EPSS: 74%CPEs: 2EXPL: 1

parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. parse-packet.c en GnuPG (gpg) v1.4.3, v1.9.20 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de gpg) y posiblemente sobrescribir la memoria a través de un paquete de mensajes de gran longitud (con un ID de usuario demasiado largo), lo cual podría llevar a un desbordamiento de enteros, tal y como se demuestra con la opción '-no-armor'. • https://www.exploit-db.com/exploits/28077 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157 http://seclists.org/lists/fulldisclosure/2006/May/0774.html http://seclists.org/lists/fulldisclosure/2006/May/0782.html http://seclists.org/lists/fulldisclosure/2006/May/0789.html http://secunia.com/advisories/20783 http://secunia.com/advisories/20801 http://secunia.com&#x • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed. • http://eprint.iacr.org/2005/033 http://eprint.iacr.org/2005/033.pdf http://securitytracker.com/id?1013166 http://www.gentoo.org/security/en/glsa/glsa-200503-29.xml http://www.kb.cert.org/vuls/id/303094 http://www.mandriva.com/security/advisories?name=MDKSA-2005:057 http://www.novell.com/linux/security/advisories/2005_07_sr.html http://www.osvdb.org/13775 http://www.pgp.com/library/ctocorner/openpgp.html http://www.securityfocus.com/bid/12529 • CWE-326: Inadequate Encryption Strength •