GnuPG Detached Signature Verification False-Positive Vulnerability
BID:2141
Info
GnuPG Detached Signature Verification False-Positive Vulnerability
| Bugtraq ID: | 2141 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 20 2000 12:00AM |
| Updated: | Dec 20 2000 12:00AM |
| Credit: | Reported to bugtraq by Rene Puls <[email protected]>. |
| Vulnerable: |
GNU GNU Privacy Guard 1.0.3 b GNU GNU Privacy Guard 1.0.3 GNU GNU Privacy Guard 1.0.2 GNU GNU Privacy Guard 1.0.1 GNU GNU Privacy Guard 1.0 |
| Not Vulnerable: |
GNU GNU Privacy Guard 1.0.4 |
Exploit / POC
GnuPG Detached Signature Verification False-Positive Vulnerability
Currently the SecurityFocus staff are not aware of any publicly available exploits for this vulnerability. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any publicly available exploits for this vulnerability. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
GnuPG Detached Signature Verification False-Positive Vulnerability
Solution:
Upgrades available:
GNU GNU Privacy Guard 1.0
GNU GNU Privacy Guard 1.0.1
GNU GNU Privacy Guard 1.0.2
GNU GNU Privacy Guard 1.0.3
GNU GNU Privacy Guard 1.0.3 b
Solution:
Upgrades available:
GNU GNU Privacy Guard 1.0
-
Conectiva 4.0 i386 gnupg-1.0.4-5cl.i386
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 4.0es i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.4-5cl.i386.rp m -
Conectiva 4.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 6.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.4-5cl.i386.rpm -
Conectiva ecommerce i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1 .0.4-5cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1. 0.4-5cl.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.alpha
ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.i386
ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.sparc
ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm -
RedHat 7.0 gnupg-1.0.4-9.alpha
ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm -
RedHat 7.0 gnupg-1.0.4-9.i386
ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm -
Trustix 1.0/1.1 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.1/RPMS/gnupg-1.0.4-4tr.i5 86.rpm -
Trustix 1.2 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/gnupg-1.0.4-4tr.i5 86.rpm
GNU GNU Privacy Guard 1.0.1
-
Conectiva 4.0 i386 gnupg-1.0.4-5cl.i386
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 4.0es i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.4-5cl.i386.rp m -
Conectiva 4.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 6.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.4-5cl.i386.rpm -
Conectiva ecommerce i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1 .0.4-5cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1. 0.4-5cl.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.alpha
ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.i386
ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.sparc
ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm -
RedHat 7.0 gnupg-1.0.4-9.alpha
ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm -
RedHat 7.0 gnupg-1.0.4-9.i386
ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm -
Trustix 1.0/1.1 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.1/RPMS/gnupg-1.0.4-4tr.i5 86.rpm -
Trustix 1.2 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/gnupg-1.0.4-4tr.i5 86.rpm
GNU GNU Privacy Guard 1.0.2
-
Conectiva 4.0 i386 gnupg-1.0.4-5cl.i386
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 4.0es i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.4-5cl.i386.rp m -
Conectiva 4.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 6.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.4-5cl.i386.rpm -
Conectiva ecommerce i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1 .0.4-5cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1. 0.4-5cl.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.alpha
ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.i386
ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.sparc
ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm -
RedHat 7.0 gnupg-1.0.4-9.alpha
ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm -
RedHat 7.0 gnupg-1.0.4-9.i386
ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm -
Trustix 1.0/1.1 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.1/RPMS/gnupg-1.0.4-4tr.i5 86.rpm -
Trustix 1.2 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/gnupg-1.0.4-4tr.i5 86.rpm
GNU GNU Privacy Guard 1.0.3
-
Conectiva 4.0 i386 gnupg-1.0.4-5cl.i386
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 4.0es i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.4-5cl.i386.rp m -
Conectiva 4.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 6.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.4-5cl.i386.rpm -
Conectiva ecommerce i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1 .0.4-5cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1. 0.4-5cl.i386.rpm -
Debian 2.2 alpha gnupg_1.0.4-1.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/gnup g_1.0.4-1.1_alpha.deb -
Debian 2.2 arm gnupg_1.0.4-1.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/gnupg_ 1.0.4-1.1_arm.deb -
Debian 2.2 i386 gnupg_1.0.4-1.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/gnupg _1.0.4-1.1_i386.deb -
Debian 2.2 m68k gnupg_1.0.4-1.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/gnupg _1.0.4-1.1_m68k.deb -
Debian 2.2 ppc gnupg_1.0.4-1.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gn upg_1.0.4-1.1_powerpc.deb -
Debian 2.2 sparc gnupg_1.0.4-1.1_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/gnup g_1.0.4-1.1_sparc.deb -
RedHat 6.x gnupg-1.0.4-8.6.x.alpha
ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.i386
ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.sparc
ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm -
RedHat 7.0 gnupg-1.0.4-9.alpha
ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm -
RedHat 7.0 gnupg-1.0.4-9.i386
ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm -
Trustix 1.0/1.1 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.1/RPMS/gnupg-1.0.4-4tr.i5 86.rpm -
Trustix 1.2 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/gnupg-1.0.4-4tr.i5 86.rpm
GNU GNU Privacy Guard 1.0.3 b
-
Conectiva 4.0 i386 gnupg-1.0.4-5cl.i386
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 4.0es i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.4-5cl.i386.rp m -
Conectiva 4.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 5.1 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.4-5cl.i386.rpm -
Conectiva 6.0 i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.4-5cl.i386.rpm -
Conectiva ecommerce i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1 .0.4-5cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.4-5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1. 0.4-5cl.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.alpha
ftp://updates.redhat.com//6.2/alpha/gnupg-1.0.4-8.6.x.alpha.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.i386
ftp://updates.redhat.com//6.2/i386/gnupg-1.0.4-8.6.x.i386.rpm -
RedHat 6.x gnupg-1.0.4-8.6.x.sparc
ftp://updates.redhat.com//6.2/sparc/gnupg-1.0.4-8.6.x.sparc.rpm -
RedHat 7.0 gnupg-1.0.4-9.alpha
ftp://updates.redhat.com//7.0/alpha/gnupg-1.0.4-9.alpha.rpm -
RedHat 7.0 gnupg-1.0.4-9.i386
ftp://updates.redhat.com//7.0/i386/gnupg-1.0.4-9.i386.rpm -
Trustix 1.0/1.1 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.1/RPMS/gnupg-1.0.4-4tr.i5 86.rpm -
Trustix 1.2 gnupg-1.0.4-4tr.i586
http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/gnupg-1.0.4-4tr.i5 86.rpm
References
GnuPG Detached Signature Verification False-Positive Vulnerability
References:
References: