|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1231] DSA-1231-1 gnupg Vulnerability Assessment Details
|
[DSA1231] DSA-1231-1 gnupg |
||
DSA-1231-1 gnupg Detailed Explanation for this Vulnerability Assessment Several remote vulnerabilities have been discovered in the GNU privacy guard, a free PGP replacement, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: Werner Koch discovered that a buffer overflow in a sanitising function may lead to execution of arbitrary code when running gnupg interactively. Tavis Ormandy discovered that parsing a carefully crafted OpenPGP packet may lead to the execution of arbitrary code, as a function pointer of an internal structure may be controlled through the decryption routines. For the stable distribution (sarge) these problems have been fixed in version 1.4.1-1.sarge6. For the upcoming stable distribution (etch) these problems have been fixed in version 1.4.6-1. For the unstable distribution (sid) these problems have been fixed in version 1.4.6-1. We recommend that you upgrade your gnupg packages. Solution : http://www.debian.org/security/2006/dsa-1231 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is (C) 2007 Michel Arboi |
||
Cables, Connectors |
Vintage Trackball - BMC Micro HMA00-0058 - untested
$9.90
Vintage Apple PowerComputing ADB Mouse
$15.00
Vintage MICROSOFT WINDOWS 2000 NO COA SEALED NEW PACKAGE with CD
$7.00
60s 70s 80s CLASSIC ROCK Music Collection - Over 1500 songs - Vintage, Lot
$33.99
RARE NEW RETAIL BOX VINTAGE AST BTC 5140M WINDOWS PS2 KEYBOARD FCC E5XK8M104M10U
$29.95
NEW Manufacture OLD STYLE Oval 3 Prong Power Cord HP style 125V 7A 875W Vintage
$39.95
Vintage NewerTech MAXpowr G3 400 7500/8500/8600/9500/9600 400MHz for Apple Mac
$125.00
Vintage Dot Matrix Printer Contin Feed Paper 8.5 x 11. Lots of 5 to 250 sheets.
$4.00
Vintage Industrial 1984 Micro Systems - Z80 CPX-BMX Board 128K
$115.00
Vintage Dell OptiPlex GX280 Intel Pentium 4 @ 3.0GHz 1GB RAM 40 GB HDD No OS
$99.99
|
||
No Discussions have been posted on this vulnerability. |