gnupg -- buffer overflow

ID 34C93AE8-7E6F-11DB-BF00-02E081235DAB
Type freebsd
Reporter FreeBSD
Modified 2006-11-27T00:00:00


Werner Koch reports:

When running GnuPG interactively, special crafted messages may be used to crash gpg or gpg2. Running gpg in batch mode, as done by all software using gpg as a backend (e.g. mailers), is not affected by this bug. Exploiting this overflow seems to be possible. gpg-agent, gpgsm, gpgv or other tools from the GnuPG suite are not affected.