CVE-2006-6235
Summary
| CVE | CVE-2006-6235 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-12-07 11:28:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. |
Risk And Classification
Primary CVSS: v2.0 10 from [email protected]
AV:N/AC:L/Au:N/C:C/I:C/A:C
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
| Metric | Value |
|---|---|
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality | Complete |
| Integrity | Complete |
| Availability | Complete |
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnu | Privacy Guard | 1.2.4 | All | All | All |
| Application | Gnu | Privacy Guard | 1.2.5 | All | All | All |
| Application | Gnu | Privacy Guard | 1.2.6 | All | All | All |
| Application | Gnu | Privacy Guard | 1.2.7 | All | All | All |
| Application | Gnu | Privacy Guard | 1.3.3 | All | All | All |
| Application | Gnu | Privacy Guard | 1.3.4 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.1 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.2 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.2.1 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.2.2 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.3 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.4 | All | All | All |
| Application | Gnu | Privacy Guard | 1.4.5 | All | All | All |
| Application | Gnu | Privacy Guard | 1.9.10 | All | All | All |
| Application | Gnu | Privacy Guard | 1.9.15 | All | All | All |
| Application | Gnu | Privacy Guard | 1.9.20 | All | All | All |
| Application | Gnu | Privacy Guard | 2.0 | All | All | All |
| Application | Gnu | Privacy Guard | 2.0.1 | All | All | All |
| Application | Gpg4win | Gpg4win | 1.0.7 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | advanced_server | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | enterprise_server | All |
| Operating System | Redhat | Enterprise Linux | 4.0 | All | workstation | All |
| Operating System | Redhat | Enterprise Linux Desktop | 3.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 4.0 | All | All | All |
| Operating System | Redhat | Fedora Core | core6 | All | All | All |
| Operating System | Redhat | Fedora Core | core_5.0 | All | All | All |
| Operating System | Redhat | Linux Advanced Workstation | 2.1 | All | itanium_processor | All |
| Operating System | Rpath | Linux | 1 | All | All | All |
| Operating System | Slackware | Slackware Linux | 11.0 | All | All | All |
| Operating System | Ubuntu | Ubuntu Linux | 5.10 | All | All | All |
| Operating System | Ubuntu | Ubuntu Linux | 6.06 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Not Found | af854a3a-2127-422b-91ae-364da2661108 | lists.gnupg.org | |
| SuSE Security announcements: [suse-security-announce] SUSE Security Announcement: gpg (SUSE-SA:2006:075) | af854a3a-2127-422b-91ae-364da2661108 | lists.suse.com | |
| Gentoo Linux Documentation -- GnuPG: Multiple vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | |
| Trustix update for gnupg and proftpd - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Debian update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| SUSE update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Ubuntu update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| patches.sgi.com/support/free/security/advisories/20061201-01-P.asc | af854a3a-2127-422b-91ae-364da2661108 | patches.sgi.com | |
| Security Announcement | af854a3a-2127-422b-91ae-364da2661108 | www.novell.com | |
| Debian -- Security Information -- DSA-1231-1 gnupg | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| ASA-2007-047 (RHSA-2006-0754) | af854a3a-2127-422b-91ae-364da2661108 | support.avaya.com | |
| rPath update for gnupg - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| GnuPG OpenPGP Packet Processing Function Pointer Overwrite Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Vendor Advisory |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| Avaya Products GnuPG Multiple Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| rhn.redhat.com \| Red Hat Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | Vendor Advisory |
| Webmail - OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| www.trustix.org/errata/2006/0070 | af854a3a-2127-422b-91ae-364da2661108 | www.trustix.org | |
| Red Hat update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| USN-393-1: GnuPG vulnerability \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Patch |
| SUSE Update for Multiple Packages - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Gentoo update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Slackware update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| GnuPG OpenPGP Packet Stack Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| US-CERT Vulnerability Note VU#427009 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | US Government Resource |
| issues.rpath.com/browse/RPL-835 | af854a3a-2127-422b-91ae-364da2661108 | issues.rpath.com | |
| Support / Security / Advisories / / MDKSA-2006:228 \| Mandriva | af854a3a-2127-422b-91ae-364da2661108 | www.mandriva.com | |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| GnuPG OpenPGP Message Decryption Vulnerability - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| OpenPKG Corporation: Security: Security Advisories | af854a3a-2127-422b-91ae-364da2661108 | www.openpkg.com | |
| SGI Advanced Linux Environment Multiple Updates - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| USN-393-2: GnuPG2 vulnerabilities \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| Mandriva update for gnupg - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2007-03-14 | Mark J Cox | Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |
There are currently no legacy QID mappings associated with this CVE.