GnuPG Incorrect Non-Detached Signature Verification Vulnerability

Bugtraq ID: 17058
Class: Design Error
CVE: CVE-2006-0049
Remote: Yes
Local: No
Published: Mar 09 2006 12:00AM
Updated: Jan 02 2007 06:06PM
Credit: Discovery is credited to Tavis Ormandy.
Vulnerable: Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE Linux Enterprise Server 9
SuSE Linux Desktop 1.0
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
SGI ProPack 3.0 SP6
S.u.S.E. UnitedLinux 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
Redhat Linux 9.0 i386
Redhat Linux 7.3 i386
Redhat Fedora Core4
Redhat Fedora Core3
Redhat Fedora Core2
Redhat Fedora Core1
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux WS 2.1 IA64
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux ES 2.1 IA64
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux AS 2.1 IA64
Redhat Enterprise Linux AS 2.1
Redhat Advanced Workstation for the Itanium Processor 2.1 IA64
Redhat Advanced Workstation for the Itanium Processor 2.1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU GNU Privacy Guard 1.4.2 .1
GNU GNU Privacy Guard 1.4.2
GNU GNU Privacy Guard 1.4.1
GNU GNU Privacy Guard 1.4
GNU GNU Privacy Guard 1.3.4
GNU GNU Privacy Guard 1.3.3
GNU GNU Privacy Guard 1.2.7
GNU GNU Privacy Guard 1.2.6
GNU GNU Privacy Guard 1.2.5
GNU GNU Privacy Guard 1.2.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNU GNU Privacy Guard 1.2.3
+ Mandriva Linux Mandrake 9.2
+ Turbolinux Turbolinux Desktop 10.0
GNU GNU Privacy Guard 1.2.2 -rc1
+ S.u.S.E. Linux Personal 8.2
GNU GNU Privacy Guard 1.2.2 -r1
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
GNU GNU Privacy Guard 1.2.2
GNU GNU Privacy Guard 1.2.1
+ OpenPKG OpenPKG 1.2
+ Redhat Linux 9.0 i386
+ Terra Soft Solutions Yellow Dog Linux 3.0
GNU GNU Privacy Guard 1.2
GNU GNU Privacy Guard 1.0.7
+ MandrakeSoft apcupsd 2006.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ OpenPKG OpenPKG 1.1
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
+ Redhat Linux 8.0 i386
+ Redhat Linux 7.3 i386
+ Redhat Linux 7.2 ia64
+ Redhat Linux 7.2 i386
+ Redhat Linux 7.1 i386
+ Redhat Linux Advanced Work Station 2.1
+ Sun Linux 5.0.5
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 6.5
+ Turbolinux Turbolinux Server 6.1
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
+ Turbolinux Turbolinux Workstation 6.0
GNU GNU Privacy Guard 1.0.6
GNU GNU Privacy Guard 1.0.5
GNU GNU Privacy Guard 1.0.4
- Turbolinux Turbolinux 6.0.5
- Turbolinux Turbolinux Server 6.5
- Turbolinux Turbolinux Workstation 6.1
GNU GNU Privacy Guard 1.0.3 b
GNU GNU Privacy Guard 1.0.3
GNU GNU Privacy Guard 1.0.2
GNU GNU Privacy Guard 1.0.1
GNU GNU Privacy Guard 1.0 .6
- MandrakeSoft Corporate Server 1.0.1
- Mandriva Linux Mandrake 8.1
- Mandriva Linux Mandrake 8.0 ppc
- Mandriva Linux Mandrake 8.0
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
GNU GNU Privacy Guard 1.0
GNU finger 1.0.7
GIMP GIMP 2.2.4
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Not Vulnerable: GNU GNU Privacy Guard 1.4.2 2


 

Privacy Statement
Copyright 2010, SecurityFocus