PGP ASCII Armor Parser Arbitrary File Creation Vulnerability

Bugtraq ID: 2556
Class: Design Error
CVE:
Remote: Yes
Local: Yes
Published: Apr 09 2001 12:00AM
Updated: Apr 09 2001 12:00AM
Credit: Discovered by Chris Anley <dec0de@atstake.com> on April 9, 2001.
Vulnerable: Network Associates PGP 7.0.4
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 7.0.3
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 6.5.8
- HP HP-UX 10.0
- IBM AIX 4.3
- Linux kernel 2.3
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Redhat Linux 7.0
- Sun Solaris 8_sparc
Network Associates PGP 6.5.3
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 6.5.1 i
- HP HP-UX 11.0
- IBM AIX 4.3
- Linux kernel 2.3
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Redhat Linux 7.0
- Sun Solaris 8_sparc
Network Associates PGP 6.0.2 i
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 6.0.2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 5.5.5
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 5.5.3 i
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Network Associates PGP 5.0 i
- HP HP-UX 11.0
- IBM AIX 4.3
- Linux kernel 2.3
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- Redhat Linux 7.0
- Sun Solaris 8_sparc
Network Associates PGP 5.0
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus