5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
For Debian 6 Squeeze, these issues have been fixed in gnupg version 1.4.10-4+squeeze5
CPE | Name | Operator | Version |
---|---|---|---|
gnupg | eq | 1.4.10-4+squeeze4 | |
gnupg | eq | 1.4.10-4+squeeze3 | |
gnupg | eq | 1.4.10-4 | |
gnupg | eq | 1.4.10-4+squeeze2 | |
gnupg | eq | 1.4.10-4+squeeze1 |