Lucene search

Kaspersky LabKLA10175

HistoryJun 25, 2014 - 12:00 a.m.

KLA10175 DoS vulnerability in GnuPG

2014-06-2500:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

An unspecified vulnerability was found in GnuPG. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed packets.

Original advisories

Related products

GnuPG-gpg

CVE list

CVE-2014-4617 critical

Solution

Update to latest version

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

GnuPG 1 versions 1.4.16 and earlierGnuPG 2 versions 2.0.23 and earlier

References

statistics.securelist.com/

threats.kaspersky.com/en/product/GnuPG-gpg/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

Related for KLA10175