410 matches found
DSA-2774-1 gnupg2 - several
Bulletin has no description...
Debian Security Advisory DSA 2774-1 (gnupg2 - several vulnerabilities)
Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4351When a key or subkey had its key flags subpacket set to all bits off, GnuPG currently would treat the key...
DSA-2773-1 gnupg - several
Bulletin has no description...
Debian: Security Advisory (DSA-2773-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 18 Update: gnupg-1.4.14-1.fc18
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
Fedora Update for libgcrypt FEDORA-2013-13671
Check for the Version of libgcrypt OpenVAS Vulnerability Test Fedora Update for libgcrypt FEDORA-2013-13671 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
[SECURITY] Fedora 19 Update: libgcrypt-1.5.3-1.fc19
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
[SECURITY] Fedora 18 Update: libgcrypt-1.5.3-1.fc18
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
DEBIAN-CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail...
DEBIAN-CVE-2012-6580
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditin...
DEBIAN-CVE-2012-6579
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service loss of e-mail readability, via an e-mail message to a queue's address...
UBUNTU-CVE-2012-6578
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics...
UBUNTU-CVE-2012-6579
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service loss of e-mail readability, via an e-mail message to a queue's address...
UBUNTU-CVE-2012-6581
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail...
UBUNTU-CVE-2012-6580
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditin...
Fedora Update for gnupg FEDORA-2013-0377
Check for the Version of gnupg OpenVAS Vulnerability Test Fedora Update for gnupg FEDORA-2013-0377 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
DEBIAN-CVE-2012-4884
Argument injection vulnerability in Request Tracker RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client...
Cross-VM Side-channel attacks against cryptography keys
A group of researchers has developed a side-channel attack targeting virtual machines that could pose a threat to cloud computing environments. Side-channel attacks against cryptography keys have, until now, been limited to physical machines, this attack is the first such attack demonstrated on a...
[Android Privacy Guard v1.0.8] OpenPGP for Android
There's no public key encryption for Android yet, but that's an important feature for many of us. Android Privacy Guard is to manage OpenPGP keys on your phone, use them to encrypt, sign, decrypt emails and files. Change log v1.0.8 HKP key server support app2sd support more pass phrase cache...
DEBIAN-CVE-2012-0954
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle MITM attack. NOTE: this vulnerability exists...