{"id": "OPENVAS:136141256231065415", "type": "openvas", "bulletinFamily": "scanner", "title": "SLES9: Security update for gpg", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gpg\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021295 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "published": "2009-10-10T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/", "score": 5.0}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065415", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2006-3082"], "lastseen": "2018-04-06T11:37:34", "viewCount": 2, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2018-04-06T11:37:34", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-3082"]}, {"type": "f5", "idList": ["SOL6535", "F5:K6535"]}, {"type": "redhat", "idList": ["1699373", "RHSA-2006:0571"]}, {"type": "nessus", "idList": ["UBUNTU_USN-304-1.NASL", "FEDORA_2006-757.NASL", "SUSE_GPG-1664.NASL", "SUSE_GPG2-1834.NASL", "F5_BIGIP_SOL6535.NASL", "MANDRAKE_MDKSA-2006-110.NASL", "SLACKWARE_SSA_2006-178-02.NASL", "FREEBSD_PKG_F900BDA8047211DBBBF7000C6EC775D9.NASL", "REDHAT-RHSA-2006-0571.NASL", "SUSE_GPG2-1835.NASL"]}, {"type": "freebsd", "idList": ["F900BDA8-0472-11DB-BBF7-000C6EC775D9"]}, {"type": "openvas", "idList": ["OPENVAS:57084", "OPENVAS:57035", "OPENVAS:136141256231057035", "OPENVAS:57150", "OPENVAS:65415", "OPENVAS:861323", "OPENVAS:57026"]}, {"type": "slackware", "idList": ["SSA-2006-178-02"]}, {"type": "centos", "idList": ["CESA-2006:0571-01", "CESA-2006:0571"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1115-1:45256", "DEBIAN:DSA-1107-1:400F2"]}, {"type": "exploitdb", "idList": ["EDB-ID:28077"]}, {"type": "ubuntu", "idList": ["USN-304-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:13272"]}, {"type": "osvdb", "idList": ["OSVDB:26770"]}], "modified": "2018-04-06T11:37:34", "rev": 2}, "vulnersScore": 5.6}, "pluginID": "136141256231065415", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021295.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for gpg\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gpg\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021295 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65415\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for gpg\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gpg\", rpm:\"gpg~1.2.4~68.16\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks"}

{"cve": [{"lastseen": "2020-12-09T19:23:46", "description": "parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.", "edition": 5, "cvss3": {}, "published": "2006-06-19T18:02:00", "title": "CVE-2006-3082", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-3082"], "modified": "2018-10-18T16:45:00", "cpe": ["cpe:/a:gnupg:gnupg:1.9.20", "cpe:/a:gnupg:gnupg:1.4.3"], "id": "CVE-2006-3082", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3082", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnupg:gnupg:1.9.20:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2017-10-12T02:11:14", "bulletinFamily": "software", "cvelist": ["CVE-2006-3082"], "edition": 1, "description": "**Note**: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to [K4602: Overview of F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n**F5 Networks products and versions that have been evaluated for this Security Advisory**\n\nProduct | Affected | Not Affected \n---|---|--- \nBIG-IP LTM | 9.0.0 - 9.1.2 \n9.2.0 - 9.2.5 | 9.1.3 \n9.3.x \n9.4.x \n10.x \n11.x \nBIG-IP GTM | 9.2.2 - 9.2.5 | 9.3.x \n9.4.x \n10.x \n11.x \nBIG-IP ASM | 9.2.0 - 9.2.5 | 9.3.x \n9.4.x \n10.x \n11.x \nBIG-IP Link Controller | 9.2.2 - 9.2.5 | 9.3.x \n9.4.x \n10.x \n11.x \nBIG-IP WebAccelerator | None | 9.4.x \n10.x \n11.x \nBIG-IP PSM | None | 9.4.x \n10.x \n11.x \nBIG-IP WAN Optimization | None | 10.x \n11.x \nBIG-IP APM | None | 10.x \n11.x \nBIG-IP Edge Gateway | None | 10.x \n11.x \nBIG-IP Analytics | None | 11.x \nBIG-IP AFM \n| None | 11.x \nBIG-IP PEM \n| None | 11.x \nFirePass | None | 3.x \n4.x \n5.x \n6.x \n7.x \nEnterprise Manager | 1.0.0 - 1.2.2 | 1.4.0 - 1.8.0 \n2.x \n3.x \n \n \nF5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP [LTM](<https://support.f5.com/content/kb/en-us/products/big-ip_ltm.html>), [ASM](<https://support.f5.com/content/kb/en-us/products/big-ip_asm.html>), [GTM](<https://support.f5.com/content/kb/en-us/products/big-ip_gtm.html>), [Link Controller](<https://support.f5.com/content/kb/en-us/products/lc_9_x.html>), or [WebAccelerator](<https://support.f5.com/content/kb/en-us/products/wa.html>) release notes.\n\nF5 Product Development tracked this issue and it was fixed in Enterprise Manager 1.4.0. For information about upgrading, refer to the [Enterprise Manager](<https://support.f5.com/content/kb/en-us/products/em.html>) release notes.\n\nAlthough vulnerable F5 products contain the GnuPG software, an attacker would require root access in order to exploit the vulnerability. As a result, F5 is not providing hotfixes to address this vulnerability.\n", "modified": "2016-01-09T02:23:00", "published": "2006-08-23T04:00:00", "href": "https://support.f5.com/csp/article/K6535", "id": "F5:K6535", "title": "Denial of service vulnerability in GnuPG - CVE-2006-3082", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-05-30T21:01:44", "bulletinFamily": "software", "cvelist": ["CVE-2006-3082"], "edition": 1, "description": "F5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, or WebAccelerator release notes.\n\nF5 Product Development tracked this issue and it was fixed in Enterprise Manager 1.4.0. For information about upgrading, refer to the Enterprise Manager release notes.\n\nAlthough vulnerable F5 products contain the GnuPG software, an attacker would require root access in order to exploit the vulnerability. As a result, F5 is not providing hotfixes to address this vulnerability.\n", "modified": "2013-03-21T00:00:00", "published": "2006-08-22T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/6000/500/sol6535.html", "id": "SOL6535", "title": "SOL6535 - Denial of service vulnerability in GnuPG - CVE-2006-3082", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2017-08-05T00:58:24", "bulletinFamily": "unix", "cvelist": [], "description": "No description provided", "modified": "2016-03-20T08:44:49", "published": "2016-03-20T08:44:49", "href": "https://access.redhat.com/security/cve/cve-2006-3082", "id": "1699373", "title": "CVE-2006-3082", "type": "redhat", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-08-13T18:46:12", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "GnuPG is a utility for encrypting data and creating digital signatures.\r\n\r\nAn integer overflow flaw was found in GnuPG. An attacker could create a\r\ncarefully crafted message packet with a large length that could cause GnuPG\r\nto crash or possibly overwrite memory when opened. (CVE-2006-3082)\r\n\r\nAll users of GnuPG are advised to upgrade to this updated package, which\r\ncontains a backported patch to correct this issue.", "modified": "2019-03-22T23:42:55", "published": "2006-07-18T04:00:00", "id": "RHSA-2006:0571", "href": "https://access.redhat.com/errata/RHSA-2006:0571", "type": "redhat", "title": "(RHSA-2006:0571) gnupg security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:12", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2,\nand -current to fix security issues which could allow an attacker to\ncrash gnupg and possibly overwrite memory which could lead to an integer\noverflow.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082\n\nHere are the details from the Slackware 10.2 ChangeLog:\n\npatches/packages/gnupg-1.4.4-i486-1_slack10.2.tgz:\n This version fixes a memory allocation issue that could allow an attacker to\n crash GnuPG creating a denial-of-service.\n The CVE entry for this issue may be found here:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\nfrom ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gnupg-1.4.4-i386-1_slack9.0.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gnupg-1.4.4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gnupg-1.4.4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gnupg-1.4.4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/gnupg-1.4.4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnupg-1.4.4-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.0 package:\n6d43feab64fb2a3f35090bf92f98c667 gnupg-1.4.4-i386-1_slack9.0.tgz\n\nSlackware 9.1 package:\nfaee8c056fc1817d84c168fa106a6a14 gnupg-1.4.4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n20beefaf272e9e781c66d78a97ad8490 gnupg-1.4.4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\nf8cc9a380c35e26619df7652f6357aee gnupg-1.4.4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n917eead27d9412bb032c3b2cbc7513b5 gnupg-1.4.4-i486-1_slack10.2.tgz\n\nSlackware -current package:\n40da0c3d313100c8c1e90e0c4b47a4d1 gnupg-1.4.4-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg gnupg-1.4.4-i486-1_slack10.2.tgz", "modified": "2006-06-28T03:25:36", "published": "2006-06-28T03:25:36", "id": "SSA-2006-178-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382", "type": "slackware", "title": "[slackware-security] gnupg DoS", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-26T08:55:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gpg\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021295 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65415", "href": "http://plugins.openvas.org/nasl.php?oid=65415", "type": "openvas", "title": "SLES9: Security update for gpg", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021295.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for gpg\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n gpg\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021295 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65415);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for gpg\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gpg\", rpm:\"gpg~1.2.4~68.16\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-20T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:57026", "href": "http://plugins.openvas.org/nasl.php?oid=57026", "type": "openvas", "title": "FreeBSD Ports: gnupg", "sourceData": "#\n#VID f900bda8-0472-11db-bbf7-000c6ec775d9\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: gnupg\n\nCVE-2006-3082\nparse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,\nallows remote attackers to cause a denial of service (gpg crash) and\npossibly overwrite memory via a message packet with a large length,\nwhich could lead to an integer overflow, as demonstrated using the\n--no-armor option.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157\nhttp://marc.theaimsgroup.com/?l=gnupg-users&m=115124706210430\nhttp://marc.theaimsgroup.com/?l=full-disclosure&m=114907659313360\nhttp://www.vuxml.org/freebsd/f900bda8-0472-11db-bbf7-000c6ec775d9.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(57026);\n script_version(\"$Revision: 4118 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-20 07:32:38 +0200 (Tue, 20 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2006-3082\");\n script_bugtraq_id(18554);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: gnupg\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gnupg\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.4\")<0) {\n txt += 'Package gnupg version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-178-02.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:57035", "href": "http://plugins.openvas.org/nasl.php?oid=57035", "type": "openvas", "title": "Slackware Advisory SSA:2006-178-02 gnupg DoS", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_178_02.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2,\nand -current to fix security issues which could allow an attacker to\ncrash gnupg and possibly overwrite memory which could lead to an integer\noverflow.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2006-178-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-178-02\";\n \nif(description)\n{\n script_id(57035);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2006-178-02 gnupg DoS \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i386-1_slack9.0\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing an update to gnupg\nannounced via advisory DSA 1107-1.\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 1.0.6-4woody6.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:57084", "href": "http://plugins.openvas.org/nasl.php?oid=57084", "type": "openvas", "title": "Debian Security Advisory DSA 1107-1 (gnupg)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1107_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1107-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 1.4.1-1.sarge4.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.4.3-2.\n\nWe recommend that you upgrade your gnupg package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201107-1\";\ntag_summary = \"The remote host is missing an update to gnupg\nannounced via advisory DSA 1107-1.\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 1.0.6-4woody6.\";\n\n\nif(description)\n{\n script_id(57084);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1107-1 (gnupg)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.0.6-4woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gnupg\", ver:\"1.4.1-1.sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing an update to gnupg2\nannounced via advisory DSA 1115-1.\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:57150", "href": "http://plugins.openvas.org/nasl.php?oid=57150", "type": "openvas", "title": "Debian Security Advisory DSA 1115-1 (gnupg2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1115_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1115-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.\n\nWe recommend that you upgrade your gnupg package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201115-1\";\ntag_summary = \"The remote host is missing an update to gnupg2\nannounced via advisory DSA 1115-1.\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.\";\n\n\nif(description)\n{\n script_id(57150);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1115-1 (gnupg2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gnupg-agent\", ver:\"1.9.15-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gnupg2\", ver:\"1.9.15-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gpgsm\", ver:\"1.9.15-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-178-02.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231057035", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231057035", "type": "openvas", "title": "Slackware Advisory SSA:2006-178-02 gnupg DoS", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_178_02.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.57035\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2006-3082\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2006-178-02 gnupg DoS\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.0|9\\.1|10\\.0|10\\.1|10\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-178-02\");\n\n script_tag(name:\"insight\", value:\"New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2,\nand -current to fix security issues which could allow an attacker to\ncrash gnupg and possibly overwrite memory which could lead to an integer\noverflow.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2006-178-02.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnupg\", ver:\"1.4.4-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:56:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082", "CVE-2006-6169", "CVE-2006-6235", "CVE-2006-3746"], "description": "Check for the Version of gnupg", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861323", "href": "http://plugins.openvas.org/nasl.php?oid=861323", "type": "openvas", "title": "Fedora Update for gnupg FEDORA-2007-316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnupg FEDORA-2007-316\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnupg on Fedora Core 5\";\ntag_insight = \"GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and\n creating digital signatures. GnuPG has advanced key management\n capabilities and is compliant with the proposed OpenPGP Internet\n standard described in RFC2440. Since GnuPG doesn't use any patented\n algorithm, it is not compatible with any version of PGP2 (PGP2.x uses\n only IDEA for symmetric-key encryption, which is patented worldwide).\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-March/msg00032.html\");\n script_id(861323);\n script_version(\"$Revision: 6622 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 07:52:50 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:23:18 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-316\");\n script_cve_id(\"CVE-2006-6169\", \"CVE-2006-6235\", \"CVE-2006-3746\", \"CVE-2006-3082\");\n script_name( \"Fedora Update for gnupg FEDORA-2007-316\");\n\n script_summary(\"Check for the Version of gnupg\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora_core\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC5\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnupg\", rpm:\"gnupg~1.4.7~1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/gnupg\", rpm:\"x86_64/gnupg~1.4.7~1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"x86_64/debug/gnupg-debuginfo\", rpm:\"x86_64/debug/gnupg-debuginfo~1.4.7~1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/debug/gnupg-debuginfo\", rpm:\"i386/debug/gnupg-debuginfo~1.4.7~1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"i386/gnupg\", rpm:\"i386/gnupg~1.4.7~1\", rls:\"FC5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:23", "bulletinFamily": "software", "cvelist": ["CVE-2006-3082"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](https://issues.rpath.com/browse/RPL-473)\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2006-167.htm)\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2006_38_security.html)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:110)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U.asc)\n[Secunia Advisory ID:20811](https://secuniaresearch.flexerasoftware.com/advisories/20811/)\n[Secunia Advisory ID:21137](https://secuniaresearch.flexerasoftware.com/advisories/21137/)\n[Secunia Advisory ID:20783](https://secuniaresearch.flexerasoftware.com/advisories/20783/)\n[Secunia Advisory ID:20801](https://secuniaresearch.flexerasoftware.com/advisories/20801/)\n[Secunia Advisory ID:20829](https://secuniaresearch.flexerasoftware.com/advisories/20829/)\n[Secunia Advisory ID:20899](https://secuniaresearch.flexerasoftware.com/advisories/20899/)\n[Secunia Advisory ID:20881](https://secuniaresearch.flexerasoftware.com/advisories/20881/)\n[Secunia Advisory ID:21135](https://secuniaresearch.flexerasoftware.com/advisories/21135/)\n[Secunia Advisory ID:20968](https://secuniaresearch.flexerasoftware.com/advisories/20968/)\n[Secunia Advisory ID:21063](https://secuniaresearch.flexerasoftware.com/advisories/21063/)\n[Secunia Advisory ID:21143](https://secuniaresearch.flexerasoftware.com/advisories/21143/)\n[Secunia Advisory ID:21585](https://secuniaresearch.flexerasoftware.com/advisories/21585/)\nRedHat RHSA: RHSA-2006:0571\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1107\nOther Advisory URL: http://www.ubuntu.com/usn/usn-304-1\nOther Advisory URL: http://seclists.org/lists/fulldisclosure/2006/May/0774.html\nOther Advisory URL: http://www.trustix.org/errata/2006/0042/\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1115\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0772.html\nFrSIRT Advisory: ADV-2006-2450\n[CVE-2006-3082](https://vulners.com/cve/CVE-2006-3082)\n", "modified": "2006-05-31T04:04:05", "published": "2006-05-31T04:04:05", "href": "https://vulners.com/osvdb/OSVDB:26770", "id": "OSVDB:26770", "type": "osvdb", "title": "GnuPG parse-packet.c Large Packet Length DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2020-07-17T03:28:57", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0571\n\n\nGnuPG is a utility for encrypting data and creating digital signatures.\r\n\r\nAn integer overflow flaw was found in GnuPG. An attacker could create a\r\ncarefully crafted message packet with a large length that could cause GnuPG\r\nto crash or possibly overwrite memory when opened. (CVE-2006-3082)\r\n\r\nAll users of GnuPG are advised to upgrade to this updated package, which\r\ncontains a backported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025062.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025065.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025067.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025073.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025074.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025078.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025079.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025096.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025097.html\n\n**Affected packages:**\ngnupg\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0571.html", "edition": 6, "modified": "2006-07-25T20:26:52", "published": "2006-07-18T12:30:07", "href": "http://lists.centos.org/pipermail/centos-announce/2006-July/025062.html", "id": "CESA-2006:0571", "title": "gnupg security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:23:54", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "**CentOS Errata and Security Advisory** CESA-2006:0571-01\n\n\nGnuPG is a utility for encrypting data and creating digital signatures.\r\n\r\nAn integer overflow flaw was found in GnuPG. An attacker could create a\r\ncarefully crafted message packet with a large length that could cause GnuPG\r\nto crash or possibly overwrite memory when opened. (CVE-2006-3082)\r\n\r\nAll users of GnuPG are advised to upgrade to this updated package, which\r\ncontains a backported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-July/025086.html\n\n**Affected packages:**\ngnupg\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2006-07-18T22:55:05", "published": "2006-07-18T22:55:05", "href": "http://lists.centos.org/pipermail/centos-announce/2006-July/025086.html", "id": "CESA-2006:0571-01", "title": "gnupg security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:43", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "\nIf GnuPG processes a userid with a very long packet length,\n\t GnuPG can crash due to insufficient bounds check. This can\n\t result in a denial-of-service condition or potentially\n\t execution of arbitrary code with the privileges of the user\n\t running GnuPG.\n", "edition": 4, "modified": "2006-05-31T00:00:00", "published": "2006-05-31T00:00:00", "id": "F900BDA8-0472-11DB-BBF7-000C6EC775D9", "href": "https://vuxml.freebsd.org/freebsd/f900bda8-0472-11db-bbf7-000c6ec775d9.html", "title": "gnupg -- user id integer overflow vulnerability", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T07:22:39", "description": "GnuPG 1.4.3/1.9.x Parse_User_ID Remote Buffer Overflow Vulnerability. CVE-2006-3082. Dos exploit for linux platform", "published": "2006-06-20T00:00:00", "type": "exploitdb", "title": "GnuPG 1.4.3/1.9.x Parse_User_ID Remote Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-3082"], "modified": "2006-06-20T00:00:00", "id": "EDB-ID:28077", "href": "https://www.exploit-db.com/exploits/28077/", "sourceData": "source: http://www.securityfocus.com/bid/18554/info\r\n\r\nGnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.\r\n\r\nThis issue may allow remote attackers to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.\r\n\r\nGnuPG versions 1.4.3 and 1.9.20 are vulnerable to this issue; previous versions may also be affected.\r\n\r\nperl -e 'print \"\\xcd\\xff\\xff\\xff\\xff\\xfe\"'| /var/gnupg/bin/gpg --no-armor", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/28077/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:18", "bulletinFamily": "software", "cvelist": ["CVE-2006-3082"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDKSA-2006:110\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : gnupg\r\n Date : June 20, 2006\r\n Affected: 10.2, 2006.0, Corporate 3.0, Multi Network Firewall 2.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 &#40;and earlier&#41;\r\n that could allow a remote attacker to cause gpg to crash and possibly\r\n overwrite memory via a message packet with a large length.\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 10.2:\r\n d3a12d93b7bbe542458348cc51dcead8 10.2/RPMS/gnupg-1.4.2.2-0.2.102mdk.i586.rpm\r\n 731dc939288445076650464d2e00ac87 10.2/SRPMS/gnupg-1.4.2.2-0.2.102mdk.src.rpm\r\n\r\n Mandriva Linux 10.2/X86_64:\r\n 0e39c1d095a27e35a6e8f76899e27628 x86_64/10.2/RPMS/gnupg-1.4.2.2-0.2.102mdk.x86_64.rpm\r\n 731dc939288445076650464d2e00ac87 x86_64/10.2/SRPMS/gnupg-1.4.2.2-0.2.102mdk.src.rpm\r\n\r\n Mandriva Linux 2006.0:\r\n a58b87cc4962c958d2b5ab8ce6ff2af0 2006.0/RPMS/gnupg-1.4.2.2-0.2.20060mdk.i586.rpm\r\n 629ccc307a6b0ba7a6b20e4e0c293594 2006.0/RPMS/gnupg2-1.9.16-4.1.20060mdk.i586.rpm\r\n c4e6a135b2a74c3b753636fdb7459183 2006.0/SRPMS/gnupg-1.4.2.2-0.2.20060mdk.src.rpm\r\n f81f714630d5ea3516f619e532bdf407 2006.0/SRPMS/gnupg2-1.9.16-4.1.20060mdk.src.rpm\r\n\r\n Mandriva Linux 2006.0/X86_64:\r\n 600e6b7de637676c066f716ad8927acc x86_64/2006.0/RPMS/gnupg-1.4.2.2-0.2.20060mdk.x86_64.rpm\r\n 947ef9f61b86dc0e53b926545da1dc5c x86_64/2006.0/RPMS/gnupg2-1.9.16-4.1.20060mdk.x86_64.rpm\r\n c4e6a135b2a74c3b753636fdb7459183 x86_64/2006.0/SRPMS/gnupg-1.4.2.2-0.2.20060mdk.src.rpm\r\n f81f714630d5ea3516f619e532bdf407 x86_64/2006.0/SRPMS/gnupg2-1.9.16-4.1.20060mdk.src.rpm\r\n\r\n Corporate 3.0:\r\n b6749396abd547f862babb262b20a6a0 corporate/3.0/RPMS/gnupg-1.4.2.2-0.2.C30mdk.i586.rpm\r\n d1562a6ce6f3f1e995cbceb39e4d4760 corporate/3.0/SRPMS/gnupg-1.4.2.2-0.2.C30mdk.src.rpm\r\n\r\n Corporate 3.0/X86_64:\r\n d5d73bc8f01dab03beba0b305d5d1ecb x86_64/corporate/3.0/RPMS/gnupg-1.4.2.2-0.2.C30mdk.x86_64.rpm\r\n d1562a6ce6f3f1e995cbceb39e4d4760 x86_64/corporate/3.0/SRPMS/gnupg-1.4.2.2-0.2.C30mdk.src.rpm\r\n\r\n Multi Network Firewall 2.0:\r\n 610a0a00957c503172904a054cc98a2a mnf/2.0/RPMS/gnupg-1.4.2.2-0.2.M20mdk.i586.rpm\r\n 3291b35f3c2c2fdafc42d8fc8f7062da mnf/2.0/SRPMS/gnupg-1.4.2.2-0.2.M20mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.2.2 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFEmHEJmqjQ0CJFipgRAtVCAKCyVLFVCZTrQGcpPAQYz6c3iZEjPgCgqpX0\r\nGuOteS9filZcv68pum5+BeU=\r\n=ywCK\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2006-06-22T00:00:00", "published": "2006-06-22T00:00:00", "id": "SECURITYVULNS:DOC:13272", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:13272", "title": "[ MDKSA-2006:110 ] - Updated gnupg packages fix vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:17:09", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1115-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 21st, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : gnupg2\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2006-3082\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.\n\nWe recommend that you upgrade your gnupg package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.dsc\n Size/MD5 checksum: 854 d7f54b50b8c569566cfe0b865ec20323\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1.diff.gz\n Size/MD5 checksum: 1859944 fbb56cbacfb82fb5666646bed3dd2944\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15.orig.tar.gz\n Size/MD5 checksum: 5454978 ee3885e2c74a9c1ae539d6f12091c30b\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_alpha.deb\n Size/MD5 checksum: 112318 e806b0cedb8ed0914e6e035d042acdd0\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_alpha.deb\n Size/MD5 checksum: 886212 1763f96899b22f286232871b9b085ed6\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_alpha.deb\n Size/MD5 checksum: 453430 6dfaaea879aa17fc0dd623889a983507\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_amd64.deb\n Size/MD5 checksum: 98464 cafa5d36dbcb21d795b6372c8293d6f8\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_amd64.deb\n Size/MD5 checksum: 774560 96bf1b958e560fe17d632c26c38d9efc\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_amd64.deb\n Size/MD5 checksum: 385700 4b2b4ddc50eaf51b5701d7d47e1c9b3c\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_arm.deb\n Size/MD5 checksum: 87318 d72f15b0cef0d127af34819d3ca5f14a\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_arm.deb\n Size/MD5 checksum: 712814 22e92a7324e81906493140954172d5bf\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_arm.deb\n Size/MD5 checksum: 339666 1d23cfebbe8e6c7396aeff77eb9c8820\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_i386.deb\n Size/MD5 checksum: 90042 0e930e3cdcb129f1a442299f4d0540e3\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_i386.deb\n Size/MD5 checksum: 731422 9a9f643a1dbc83c6b3f3dd9bfffe0a52\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_i386.deb\n Size/MD5 checksum: 351906 8282625e16ac625f67e38f39ff107652\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_ia64.deb\n Size/MD5 checksum: 130298 2eedf4cf8372007857433ca639524d9b\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_ia64.deb\n Size/MD5 checksum: 1026226 e782e4b34a5b92e8096d2654b2cc5a4c\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_ia64.deb\n Size/MD5 checksum: 539910 20467693f439c077a70084dc3a97013c\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_hppa.deb\n Size/MD5 checksum: 100568 8196f49a542cafff2df799dcf01aec82\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_hppa.deb\n Size/MD5 checksum: 794658 51ccc9c508247dd4f420f6cf6573aac2\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_hppa.deb\n Size/MD5 checksum: 393956 18059987ad743bf9af518acc89657417\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_m68k.deb\n Size/MD5 checksum: 82140 1fba5cdda78f5f5deca9627a85c04c57\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_m68k.deb\n Size/MD5 checksum: 669532 92a8750d7d53e87a6400dc0dbb3d09d6\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_m68k.deb\n Size/MD5 checksum: 311950 f1a33648d91e20d5b844f5c7f7da57a9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mips.deb\n Size/MD5 checksum: 100504 7d791fe14e51c77d2332f56a381cf271\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mips.deb\n Size/MD5 checksum: 788588 bdec126011eee7c8d8d72eca6cfdcdc4\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mips.deb\n Size/MD5 checksum: 395058 655dc54c72b2c0179d10c47b2f5860dd\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_mipsel.deb\n Size/MD5 checksum: 100978 56b72587ce25c10b5dcc088a15909fe0\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_mipsel.deb\n Size/MD5 checksum: 790238 e607d5e8afa7a8302f53445617d0c8b8\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_mipsel.deb\n Size/MD5 checksum: 396254 470e2d93f2648e2cf6608324c1500d22\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_powerpc.deb\n Size/MD5 checksum: 95574 d69613b8feaec3e719a6d41e01c6bbb0\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_powerpc.deb\n Size/MD5 checksum: 769188 bb1d47b585a6ba73ec3ab5733c2bd9e5\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_powerpc.deb\n Size/MD5 checksum: 377318 62c7a186f295f33911233ecbe59df6b3\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_s390.deb\n Size/MD5 checksum: 98696 d105f1f4f8b7f622b2353e01bccf8f60\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_s390.deb\n Size/MD5 checksum: 766416 b697db437ddd9c6d66c18244b0730ef7\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_s390.deb\n Size/MD5 checksum: 384736 956245edec30fd206a7e63f58139937b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg-agent_1.9.15-6sarge1_sparc.deb\n Size/MD5 checksum: 89540 cbcc2a2dcc603baf6632446fcee75f6a\n http://security.debian.org/pool/updates/main/g/gnupg2/gnupg2_1.9.15-6sarge1_sparc.deb\n Size/MD5 checksum: 720868 97a6fd87caaf94c0d1ff3eb87f35b7cf\n http://security.debian.org/pool/updates/main/g/gnupg2/gpgsm_1.9.15-6sarge1_sparc.deb\n Size/MD5 checksum: 345146 51a1a825f01eff2085b2fddaa4394432\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "edition": 3, "modified": "2006-07-21T00:00:00", "published": "2006-07-21T00:00:00", "id": "DEBIAN:DSA-1115-1:45256", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00202.html", "title": "[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:30:31", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1107-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 10th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : gnupg\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2006-3082\n\nEvgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstrings.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 1.0.6-4woody6.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.4.1-1.sarge4.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.4.3-2.\n\nWe recommend that you upgrade your gnupg package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.dsc\n Size/MD5 checksum: 577 40a60f7ff8a7c36e4ffb308caa350e70\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.diff.gz\n Size/MD5 checksum: 8597 add04b0a8c391de7134cca7c943d15d9\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6.orig.tar.gz\n Size/MD5 checksum: 1941676 7c319a9e5e70ad9bc3bf0d7b5008a508\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_alpha.deb\n Size/MD5 checksum: 1151184 3c46ca0e7a42f819619ba2a021a38eb9\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_arm.deb\n Size/MD5 checksum: 987554 843109424859d6a1006898419d6d642e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_i386.deb\n Size/MD5 checksum: 966904 8ffd681040a2d466389f058e25ae29ae\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_ia64.deb\n Size/MD5 checksum: 1272488 5dcf85dd73bd2015438fd995a16762e5\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_hppa.deb\n Size/MD5 checksum: 1060316 22496f4150fd2334f7504deff0c474a1\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_m68k.deb\n Size/MD5 checksum: 942994 bc7eede5abdcbe721ff81a5e242ebfb6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mips.deb\n Size/MD5 checksum: 1036510 5e5824568a6a4b50851513c27db5a139\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mipsel.deb\n Size/MD5 checksum: 1036966 792c1f9b0f61349001a789b08bf862d8\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_powerpc.deb\n Size/MD5 checksum: 1010208 6f1b3a058b7afab16a35ccba4d6b107e\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_s390.deb\n Size/MD5 checksum: 1002808 80b5ca38f239a23c8e2119b39966279b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_sparc.deb\n Size/MD5 checksum: 1003856 aa89804a111cdbede9845a8eb179f9d2\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.dsc\n Size/MD5 checksum: 680 006a79b9793ba193aa227850c11984dd\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.diff.gz\n Size/MD5 checksum: 20197 488b0289778532beb0608b8dca7982a7\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1.orig.tar.gz\n Size/MD5 checksum: 4059170 1cc77c6943baaa711222e954bbd785e5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_alpha.deb\n Size/MD5 checksum: 2155794 cb1d024d2cae8c132bafe3422a2d1b3e\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_amd64.deb\n Size/MD5 checksum: 1963478 d0d3432b4b5968d2f837414b4202afe9\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_arm.deb\n Size/MD5 checksum: 1899338 b670611700f39489ea99517eb50678a9\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_i386.deb\n Size/MD5 checksum: 1908580 0f8623e8b3a59e9c8101fa2f7c23f576\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_ia64.deb\n Size/MD5 checksum: 2325178 fb8ba4735f0769f7c21e974321bd7c89\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_hppa.deb\n Size/MD5 checksum: 2003982 14149a1cee79407a1f99e5ae340dd501\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_m68k.deb\n Size/MD5 checksum: 1811020 dc751374cc6f994782e7de9ed5fd77ea\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mips.deb\n Size/MD5 checksum: 2000688 0d44abe0cc416c06d63699a6c77b232d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mipsel.deb\n Size/MD5 checksum: 2007524 e59ad95cf552d2a4cb31a11b4db50147\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_powerpc.deb\n Size/MD5 checksum: 1957934 62443926a7a4fe049e62a8515a0ecb27\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_s390.deb\n Size/MD5 checksum: 1967012 a6b8d7173799fc57e46456a305f97d78\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_sparc.deb\n Size/MD5 checksum: 1897410 6f793e910bb6a793c96c875059626914\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "edition": 3, "modified": "2006-07-10T00:00:00", "published": "2006-07-10T00:00:00", "id": "DEBIAN:DSA-1107-1:400F2", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00194.html", "title": "[SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-08T23:40:34", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082"], "description": "Evgeny Legerov discovered that GnuPG did not sufficiently check overly \nlarge user ID packets. Specially crafted user IDs caused a buffer \noverflow. By tricking an user or remote automated system into \nprocessing a malicous GnuPG message, an attacker could exploit this to \ncrash GnuPG or possibly even execute arbitrary code.", "edition": 6, "modified": "2006-06-27T00:00:00", "published": "2006-06-27T00:00:00", "id": "USN-304-1", "href": "https://ubuntu.com/security/notices/USN-304-1", "title": "gnupg vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-01T06:43:52", "description": "Evgeny Legerov discovered that GnuPG did not sufficiently check overly\nlarge user ID packets. Specially crafted user IDs caused a buffer\noverflow. By tricking an user or remote automated system into\nprocessing a malicous GnuPG message, an attacker could exploit this to\ncrash GnuPG or possibly even execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.04 / 5.10 / 6.06 LTS : gnupg vulnerability (USN-304-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:5.04", "p-cpe:/a:canonical:ubuntu_linux:gnupg", "cpe:/o:canonical:ubuntu_linux:5.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-304-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27879", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-304-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27879);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:33:00\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_xref(name:\"USN\", value:\"304-1\");\n\n script_name(english:\"Ubuntu 5.04 / 5.10 / 6.06 LTS : gnupg vulnerability (USN-304-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Evgeny Legerov discovered that GnuPG did not sufficiently check overly\nlarge user ID packets. Specially crafted user IDs caused a buffer\noverflow. By tricking an user or remote automated system into\nprocessing a malicous GnuPG message, an attacker could exploit this to\ncrash GnuPG or possibly even execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/304-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.04|5\\.10|6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.04 / 5.10 / 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gnupg\", pkgver:\"1.2.5-3ubuntu5.4\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"gnupg\", pkgver:\"1.4.1-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"gnupg\", pkgver:\"1.4.2.2-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:00", "description": "This update upgrades to upstream version 1.4.4, which places a limit\non the size of user ID packets, closing a possible integer overflow\n(CVE-2006-3082).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2007-01-17T00:00:00", "title": "Fedora Core 5 : gnupg-1.4.4-2 (2006-755)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2007-01-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg", "cpe:/o:fedoraproject:fedora_core:5", "p-cpe:/a:fedoraproject:fedora:gnupg-debuginfo"], "id": "FEDORA_2006-755.NASL", "href": "https://www.tenable.com/plugins/nessus/24133", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-755.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24133);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-755\");\n\n script_name(english:\"Fedora Core 5 : gnupg-1.4.4-2 (2006-755)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update upgrades to upstream version 1.4.4, which places a limit\non the size of user ID packets, closing a possible integer overflow\n(CVE-2006-3082).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-June/000352.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?828f2c66\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnupg and / or gnupg-debuginfo packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 5.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC5\", reference:\"gnupg-1.4.4-2\")) flag++;\nif (rpm_check(release:\"FC5\", reference:\"gnupg-debuginfo-1.4.4-2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg / gnupg-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:05:38", "description": "An updated GnuPG package that fixes a security issue is now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGnuPG is a utility for encrypting data and creating digital\nsignatures.\n\nAn integer overflow flaw was found in GnuPG. An attacker could create\na carefully crafted message packet with a large length that could\ncause GnuPG to crash or possibly overwrite memory when opened.\n(CVE-2006-3082)\n\nAll users of GnuPG are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.", "edition": 27, "published": "2006-07-19T00:00:00", "title": "RHEL 2.1 / 3 / 4 : gnupg (RHSA-2006:0571)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2006-07-19T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:gnupg"], "id": "REDHAT-RHSA-2006-0571.NASL", "href": "https://www.tenable.com/plugins/nessus/22069", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0571. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22069);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_bugtraq_id(18554);\n script_xref(name:\"RHSA\", value:\"2006:0571\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 : gnupg (RHSA-2006:0571)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated GnuPG package that fixes a security issue is now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGnuPG is a utility for encrypting data and creating digital\nsignatures.\n\nAn integer overflow flaw was found in GnuPG. An attacker could create\na carefully crafted message packet with a large length that could\ncause GnuPG to crash or possibly overwrite memory when opened.\n(CVE-2006-3082)\n\nAll users of GnuPG are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-3082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2006:0571\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2006:0571\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gnupg-1.0.7-17\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"gnupg-1.2.1-16\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gnupg-1.2.6-5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:44:17", "description": "It is possible to crash (denial of service) the GNU Privacy Guard\n(gpg) by supplying a specifically crafted message specifying a very\nlarge UID, which leads to an out of memory situation or an integer\noverflow.\n\nIt is unclear if this problem can be exploited to execute code.\n\nThis issue is tracked by the Mitre CVE ID CVE-2006-3082.", "edition": 23, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : gpg2 (ZYPP Patch Number 1834)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GPG2-1834.NASL", "href": "https://www.tenable.com/plugins/nessus/29451", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29451);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-3082\");\n\n script_name(english:\"SuSE 10 Security Update : gpg2 (ZYPP Patch Number 1834)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It is possible to crash (denial of service) the GNU Privacy Guard\n(gpg) by supplying a specifically crafted message specifying a very\nlarge UID, which leads to an out of memory situation or an integer\noverflow.\n\nIt is unclear if this problem can be exploited to execute code.\n\nThis issue is tracked by the Mitre CVE ID CVE-2006-3082.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2006-3082.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 1834.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:0, reference:\"gpg2-1.9.18-17.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:0, reference:\"gpg2-1.9.18-17.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:06:00", "description": "This update upgrades to upstream version 1.4.4, which places a limit\non the size of user ID packets, closing a possible integer overflow\n(CVE-2006-3082).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2007-01-17T00:00:00", "title": "Fedora Core 4 : gnupg-1.4.4-1 (2006-757)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2007-01-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg", "p-cpe:/a:fedoraproject:fedora:gnupg-debuginfo", "cpe:/o:fedoraproject:fedora_core:4"], "id": "FEDORA_2006-757.NASL", "href": "https://www.tenable.com/plugins/nessus/24134", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2006-757.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24134);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2006-757\");\n\n script_name(english:\"Fedora Core 4 : gnupg-1.4.4-1 (2006-757)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update upgrades to upstream version 1.4.4, which places a limit\non the size of user ID packets, closing a possible integer overflow\n(CVE-2006-3082).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2006-June/000346.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4eefddca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnupg and / or gnupg-debuginfo packages.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 4.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC4\", reference:\"gnupg-1.4.4-1\")) flag++;\nif (rpm_check(release:\"FC4\", reference:\"gnupg-debuginfo-1.4.4-1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg / gnupg-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:00", "description": "An updated GnuPG package that fixes a security issue is now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGnuPG is a utility for encrypting data and creating digital\nsignatures.\n\nAn integer overflow flaw was found in GnuPG. An attacker could create\na carefully crafted message packet with a large length that could\ncause GnuPG to crash or possibly overwrite memory when opened.\n(CVE-2006-3082)\n\nAll users of GnuPG are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.", "edition": 26, "published": "2006-07-19T00:00:00", "title": "CentOS 3 / 4 : gnupg (CESA-2006:0571)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2006-07-19T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:gnupg", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2006-0571.NASL", "href": "https://www.tenable.com/plugins/nessus/22065", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2006:0571 and \n# CentOS Errata and Security Advisory 2006:0571 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22065);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_bugtraq_id(18554);\n script_xref(name:\"RHSA\", value:\"2006:0571\");\n\n script_name(english:\"CentOS 3 / 4 : gnupg (CESA-2006:0571)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated GnuPG package that fixes a security issue is now available.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nGnuPG is a utility for encrypting data and creating digital\nsignatures.\n\nAn integer overflow flaw was found in GnuPG. An attacker could create\na carefully crafted message packet with a large length that could\ncause GnuPG to crash or possibly overwrite memory when opened.\n(CVE-2006-3082)\n\nAll users of GnuPG are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a44c142\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013027.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?506a1ff5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013040.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42da9737\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013041.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab9260a5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013058.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fca01c61\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2006-July/013059.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9188c80\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gnupg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"gnupg-1.2.1-16\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"gnupg-1.2.6-5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:44:38", "description": "Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstring.", "edition": 25, "published": "2006-10-14T00:00:00", "title": "Debian DSA-1107-1 : gnupg - integer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2006-10-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:gnupg"], "id": "DEBIAN_DSA-1107.NASL", "href": "https://www.tenable.com/plugins/nessus/22649", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1107. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(22649);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_xref(name:\"DSA\", value:\"1107\");\n\n script_name(english:\"Debian DSA-1107-1 : gnupg - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free\nPGP replacement contains an integer overflow that can cause a\nsegmentation fault and possibly overwrite memory via a large user ID\nstring.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1107\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gnupg package.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 1.0.6-4woody6.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.4.1-1.sarge4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"gnupg\", reference:\"1.0.6-4woody6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gnupg\", reference:\"1.4.1-1.sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:34", "description": "A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier)\nthat could allow a remote attacker to cause gpg to crash and possibly\noverwrite memory via a message packet with a large length.\n\nThe updated packages have been patched to correct these issues.", "edition": 24, "published": "2006-06-24T00:00:00", "title": "Mandrake Linux Security Advisory : gnupg (MDKSA-2006:110)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2006-06-24T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:gnupg2", "p-cpe:/a:mandriva:linux:gnupg", "cpe:/o:mandriva:linux:2006", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005"], "id": "MANDRAKE_MDKSA-2006-110.NASL", "href": "https://www.tenable.com/plugins/nessus/21754", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2006:110. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21754);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_bugtraq_id(18554);\n script_xref(name:\"MDKSA\", value:\"2006:110\");\n\n script_name(english:\"Mandrake Linux Security Advisory : gnupg (MDKSA-2006:110)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier)\nthat could allow a remote attacker to cause gpg to crash and possibly\noverwrite memory via a message packet with a large length.\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnupg and / or gnupg2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.2\", reference:\"gnupg-1.4.2.2-0.2.102mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2006.0\", reference:\"gnupg-1.4.2.2-0.2.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"gnupg2-1.9.16-4.1.20060mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:44:16", "description": "It is possible to crash (denial of service) the GNU Privacy Guard\n(gpg) by supplying a specifically crafted message specifying a very\nlarge UID, which leads to an out of memory situation or an integer\noverflow. It is unclear if this problem can be exploited to execute\ncode. This issue is tracked by the Mitre CVE ID CVE-2006-3082.", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : gpg (gpg-1664)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2007-10-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gpg", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_GPG-1664.NASL", "href": "https://www.tenable.com/plugins/nessus/27244", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update gpg-1664.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27244);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-3082\");\n\n script_name(english:\"openSUSE 10 Security Update : gpg (gpg-1664)\");\n script_summary(english:\"Check for the gpg-1664 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It is possible to crash (denial of service) the GNU Privacy Guard\n(gpg) by supplying a specifically crafted message specifying a very\nlarge UID, which leads to an out of memory situation or an integer\noverflow. It is unclear if this problem can be exploited to execute\ncode. This issue is tracked by the Mitre CVE ID CVE-2006-3082.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gpg package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gpg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"gpg-1.4.2-23.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gpg\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:51:32", "description": "If GnuPG processes a userid with a very long packet length, GnuPG can\ncrash due to insufficient bounds check. This can result in a\ndenial-of-service condition or potentially execution of arbitrary code\nwith the privileges of the user running GnuPG.", "edition": 25, "published": "2006-06-26T00:00:00", "title": "FreeBSD : gnupg -- user id integer overflow vulnerability (f900bda8-0472-11db-bbf7-000c6ec775d9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-3082"], "modified": "2006-06-26T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gnupg", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_F900BDA8047211DBBBF7000C6EC775D9.NASL", "href": "https://www.tenable.com/plugins/nessus/21756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21756);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-3082\");\n script_bugtraq_id(18554);\n\n script_name(english:\"FreeBSD : gnupg -- user id integer overflow vulnerability (f900bda8-0472-11db-bbf7-000c6ec775d9)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"If GnuPG processes a userid with a very long packet length, GnuPG can\ncrash due to insufficient bounds check. This can result in a\ndenial-of-service condition or potentially execution of arbitrary code\nwith the privileges of the user running GnuPG.\"\n );\n # http://marc.theaimsgroup.com/?l=gnupg-users&m=115124706210430\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=gnupg-users&m=115124706210430\"\n );\n # http://marc.theaimsgroup.com/?l=full-disclosure&m=114907659313360\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=full-disclosure&m=114907659313360\"\n );\n # http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e53a5a86\"\n );\n # https://vuxml.freebsd.org/freebsd/f900bda8-0472-11db-bbf7-000c6ec775d9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5cb6deaf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gnupg<1.4.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2006-3082", "CVE-2006-3746", "CVE-2006-6169", "CVE-2006-6235"], "description": "GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). ", "modified": "2007-03-12T19:15:32", "published": "2007-03-12T19:15:32", "id": "FEDORA:L2CJFWF6006929", "href": "", "type": "fedora", "title": "[SECURITY] Fedora Core 5 Update: gnupg-1.4.7-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}