Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200312-05
HistoryDec 12, 2003 - 12:00 a.m.

GnuPG: ElGamal signing keys compromised and format string vulnerability

2003-12-1200:00:00
Gentoo Foundation
security.gentoo.org
25

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.012

Percentile

85.5%

JSON

Background

GnuPG is a popular open source signing and encryption tool.

Description

Two flaws have been found in GnuPG 1.2.3.

First, ElGamal signing keys can be compromised. These keys are not commonly used, but this is “a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds”.

Second, there is a format string flaw in the ‘gpgkeys_hkp’ utility which “would allow a malicious keyserver in the worst case to execute an arbitrary code on the user’s machine.”

Impact

If you have used ElGamal keys for signing your private key can be compromised, and a malicious keyserver could remotely execute arbitrary code with the permissions of the user running gpgkeys_hkp.

Workaround

There is no known workaround at this time.

Resolution

All users who have created ElGamal signing keys should immediately revoke them. In addition, all Gentoo Linux machines with gnupg installed should be updated to use gnupg-1.2.3-r5 or higher:

 # emerge sync
 # emerge -pv '>=app-crypt/gnupg-1.2.3-r5'
 # emerge '>=app-crypt/gnupg-1.2.3-r5'
 # emerge clean
OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-crypt/gnupg<= 1.2.3-r4UNKNOWN

Related

osv 1
openvas 8
nvd 1
nessus 6
cvelist 1
freebsd 1
redhat 1
cert 1
cve 1
suse 1
debian 2
securityvulns 1
packetstorm 1
osv
osv
gnupg - cryptographic weakness
2004-01-26 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200312-05 (GnuPG)
2008-09-24 00:00:00
Debian Security Advisory DSA 429-1 (gnupg)
2008-01-17 00:00:00
FreeBSD Ports: gnupg
2008-09-04 00:00:00
nvd
nvd
CVE-2003-0971
2003-12-15 05:00:00
nessus
nessus
FreeBSD : ElGamal sign+encrypt keys created by GnuPG can be compromised (81313647-2d03-11d8-9355-0020ed76ef5a)
2009-04-23 00:00:00
Mandrake Linux Security Advisory : gnupg (MDKSA-2003:109)
2004-07-31 00:00:00
FreeBSD : ElGamal sign+encrypt keys created by GnuPG can be compromised (61)
2004-07-06 00:00:00
cvelist
cvelist
CVE-2003-0971
2003-12-02 05:00:00
freebsd
freebsd
ElGamal sign+encrypt keys created by GnuPG can be compromised
2003-11-27 00:00:00
redhat
redhat
(RHSA-2003:395) gnupg security update
2003-12-10 00:00:00
cert
cert
GnuPG creates ElGamal keys for signing using insufficient entropy
2003-12-29 00:00:00
cve
cve
CVE-2003-0971
2003-12-15 05:00:00
suse
suse
cryptographic compromise, remote cmd execution in gpg
2003-12-03 14:20:12
debian
debian
[SECURITY] [DSA 429-1] New gnupg packages fix cryptographic weakness in ElGamal signing keys
2004-01-27 00:41:07
[SECURITY] [DSA 429-2] New gnupg packages fix cryptographic weakness
2004-02-14 03:43:07
securityvulns
securityvulns
Multiple Remote Issues in Applied Watch IDS Suite &#40;advisory attached&#41;
2003-11-29 00:00:00
packetstorm
packetstorm
_BSSADV-0000.txt
2003-12-01 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.012

Percentile

85.5%

JSON
Related for GLSA-200312-05
osv1openvas8nvd1nessus6cvelist1freebsd1redhat1cert1cve1suse1debian2securityvulns1packetstorm1