Lucene search

[email protected]CVE-2001-0273

HistoryMay 03, 2001 - 4:00 a.m.

CVE-2001-0273

2001-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0273

pgp4pine

pine/pgp

gnu privacy guard

gnupg

unencrypted message

nvd

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.8%

JSON

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.

CPENameOperatorVersion
holger_lamm:pgp4pineholger lamm pgp4pineeq1.75.6

CPE	Name	Operator	Version
holger_lamm:pgp4pine	holger lamm pgp4pine	eq	1.75.6

References

archives.neohapsis.com/archives/bugtraq/2001-02/0367.html

www.kb.cert.org/vuls/id/566640

www.securityfocus.com/bid/2405

exchange.xforce.ibmcloud.com/vulnerabilities/6135

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

56.8%

JSON

Related for CVE-2001-0273

cert1