14 results (0.028 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2

CVE-2022-34903 – gpg: Signature spoofing via status line injection

https://notcve.org/view.php?id=CVE-2022-34903

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. GnuPG versiones hasta 2.3.6, en situaciones inusuales en las que un atacante posee cualquier información de clave secreta del llavero de la víctima y son cumplidos en otras restricciones (por ejemplo, el uso de GPGME), permite una falsificación de firmas por medio de la inyección en la línea de estado A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer() function in g10/cpr.c. This flaw allows a malicious actor to bypass access control. • http://www.openwall.com/lists/oss-security/2022/07/02/1 https://bugs.debian.org/1014157 https://dev.gnupg.org/T6027 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL https://lists.fedoraproject.org/archives • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2019-14855

https://notcve.org/view.php?id=CVE-2019-14855

A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18. Se detectó un fallo en la manera en que podrían ser falsificadas las firmas de certificados usando colisiones encontradas en el algoritmo SHA-1. Un atacante podría usar esta debilidad para crear firmas de certificados falsificadas. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855 https://dev.gnupg.org/T4755 https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html https://rwc.iacr.org/2020/slides/Leurent.pdf https://usn.ubuntu.com/4516-1 • CWE-326: Inadequate Encryption Strength •

CVSS: 5.3EPSS: 1%CPEs: 3EXPL: 1

CVE-2011-2207

https://notcve.org/view.php?id=CVE-2011-2207

dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate. dirmngr versiones anteriores a la versión 2.1.0, maneja inapropiadamente determinadas llamadas del sistema, lo que permite a atacantes remotos causar una denegación de servicio (DOS) por medio de un certificado especialmente diseñado. • https://access.redhat.com/security/cve/cve-2011-2207 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627377 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207 https://security-tracker.debian.org/tracker/CVE-2011-2207 https://www.openwall.com/lists/oss-security/2011/06/15/6 • CWE-295: Improper Certificate Validation •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 1

CVE-2019-13050 – GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS

https://notcve.org/view.php?id=CVE-2019-13050

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. La interacción entre el código sks-keyserver hasta versión 1.2.0 de la red SKS keyserver, y GnuPG hasta la versión 2.2.16, hace arriesgado tener una línea de configuración keyserver de GnuPG que se refiera a un host en la red SKS keyserver. La recuperación de datos de esta red puede causar una denegación de servicio persistente, debido a un Ataque de Spamming de Certificado. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/pack • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •

CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0

CVE-2018-12020 – gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification

https://notcve.org/view.php?id=CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. mainproc.c en GnuPG en versiones anteriores a la 2.2.8 gestiona de manera incorrecta el nombre de archivo original durante las acciones de descifrado y verificación, lo que permite que atacantes remotos suplanten la salida que GnuPG envía en el descriptor de archivo 2 a otros programas que emplean la opción "--status-fd 2". Por ejemplo, los datos OpenPGP podrían representar un nombre de archivo original que contiene caracteres de nueva línea junto con los códigos de estado GOODSIG o VALIDSIG. A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could have other unintended consequences if applications take action(s) based on parsed verbose gnupg output. • http://openwall.com/lists/oss-security/2018/06/08/2 http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html http://seclists.org/fulldisclosure/2019/Apr/38 http://www.openwall.com/lists/oss-security/2019/04/30/4 http://www.securityfocus.com/bid/104450 http://www.securitytracker.com/id/1041051 https://access.redhat.com/errata/RHSA-2018:2180 https://access.redhat.com/errata/RHSA-2018:2181 https://dev.gnupg.org/T4012 https://github.com/RUB-NDS/Johnny&# • CWE-20: Improper Input Validation CWE-706: Use of Incorrectly-Resolved Name or Reference •