14 matches found
F5 Networks BIG-IP : Denial of service vulnerability in GnuPG (SOL6535)
The remote BIG-IP device is missing a patch required by a security advisory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL6535. The text description of this plugin is C F5 Networks...
SLES9: Security update for gpg
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: gpg For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5021295 within the SuSE...
FreeBSD Ports: gnupg
The remote host is missing an update to the system as announced in the referenced advisory. VID f900bda8-0472-11db-bbf7-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
SuSE 10 Security Update : gpg2 (ZYPP Patch Number 1834)
It is possible to crash denial of service the GNU Privacy Guard gpg by supplying a specifically crafted message specifying a very large UID, which leads to an out of memory situation or an integer overflow. It is unclear if this problem can be exploited to execute code. This issue is tracked by t...
openSUSE 10 Security Update : gpg (gpg-1664)
It is possible to crash denial of service the GNU Privacy Guard gpg by supplying a specifically crafted message specifying a very large UID, which leads to an out of memory situation or an integer overflow. It is unclear if this problem can be exploited to execute code. This issue is tracked by t...
Fedora Core 5 : gnupg-1.4.4-2 (2006-755)
This update upgrades to upstream version 1.4.4, which places a limit on the size of user ID packets, closing a possible integer overflow CVE-2006-3082. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempte...
Debian DSA-1115-1 : gnupg2 - integer overflow
Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID string. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
SOL6535 - Denial of service vulnerability in GnuPG - CVE-2006-3082
F5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, or WebAccelerator release notes. F5 Product Development tracked this issue and it was...
[SECURITY] [DSA 1115-1] New GnuPG2 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1115-1 [email protected] http://www.debian.org/security/ Martin Schulze July 21st, 2006 http://www.debian.org/security/faq -...
CentOS 3 / 4 : gnupg (CESA-2006:0571)
An updated GnuPG package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. An integer overflow flaw was found in GnuPG. An...
[slackware-security] gnupg DoS
New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues which could allow an attacker to crash gnupg and possibly overwrite memory which could lead to an integer overflow. More details about this issue may be found in the Common Vulnerabiliti...
Mandrake Linux Security Advisory : gnupg (MDKSA-2006:110)
A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 and earlier that could allow a remote attacker to cause gpg to crash and possibly overwrite memory via a message packet with a large length. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Netwo...
Security fix for the ALT Linux 7 package gnupg version 1.4.3-alt2
June 22, 2006 Dmitry V. Levin 1.4.3-alt2 - Applied upstream fix for crash bug in parse-packet.c CVE-2006-3082...
CVE-2006-3082
CVE-2006-3082 affects GnuPG (gpg) 1.4.3, 1.9.20 and earlier, where parsing a very large UID can trigger an integer overflow in parse-packet.c, causing a denial of service (gpg crash) and potential memory overwrite when processing oversized message packets (notably with --no-armor). Multiple advis...