17 matches found
Slackware: Security Advisory (SSA:2006-072-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SLES9: Security update for gpg
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: gpg For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5019083 within the SuSE...
Gentoo Security Advisory GLSA 200602-10 (gnupg)
The remote host is missing updates announced in advisory GLSA 200602-10. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: gnupg
The remote host is missing an update to the system as announced in the referenced advisory. VID 63fe4189-9f97-11da-ac32-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian Security Advisory DSA 978-1 (gnupg)
The remote host is missing an update to gnupg announced via advisory DSA 978-1. Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, verifies external signatures of files successfully even though they don't contain a signature at all. For the old stable distribution...
Debian: Security Advisory (DSA-978-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-978-1 : gnupg - programming error
Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, verifies external signatures of files successfully even though they don't contain a signature at all. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
gnupg security update
CentOS Errata and Security Advisory CESA-2006:0266-01 An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting da...
gnupg security update
CentOS Errata and Security Advisory CESA-2006:0266 An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data...
RHEL 4 : gnupg (RHSA-2006:0266)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2006:0266 advisory. - security flaw CVE-2006-0049, CVE-2006-0455 Note that Nessus has not tested for these issues but has instead relied only on the application...
Important: Red Hat Security Advisory: gnupg security update
An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. Tavis Ormandy...
SUSE-SA:2006:009: gpg,liby2util
The remote host is missing the patch for the advisory SUSE-SA:2006:009 gpg,liby2util. With certain handcraftable signatures GPG was returning a 0 valid signature when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other...
Mandrake Linux Security Advisory : gnupg (MDKSA-2006:043)
Tavis Ormandy discovered it is possible to make gpg incorrectly return success when verifying an invalid signature file. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 978-1] New GnuPG packages fix invalid success return
-------------------------------------------------------------------------- Debian Security Advisory DSA 978-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 978-1] New GnuPG packages fix invalid success return
-------------------------------------------------------------------------- Debian Security Advisory DSA 978-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2006 http://www.debian.org/security/faq -...
BELL-CVE-2006-0455 CVE-2006-0455 does not affect BellSoft software
Bulletin has no description...
CVE-2006-0455
CVE-2006-0455 concerns GnuPG’s gpgv tool (and gpg --verify) emitting a false success exit code for malformed or detached signatures. Affects GnuPG prior to 1.4.2.1; the issue can allow automated scripts to falsely assume verification succeeded. The risk is described as a local attack vector with ...