Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2006:0754
HistoryDec 06, 2006 - 12:00 a.m.

(RHSA-2006:0754) Important: gnupg security update

2006-12-0600:00:00
access.redhat.com
12

0.056 Low

EPSS

Percentile

93.3%

JSON

GnuPG is a utility for encrypting data and creating digital signatures.

Tavis Ormandy discovered a stack overwrite flaw in the way GnuPG decrypts
messages. An attacker could create carefully crafted message that could cause
GnuPG to execute arbitrary code if a victim attempts to decrypt the message.
(CVE-2006-6235)

A heap based buffer overflow flaw was found in the way GnuPG constructs
messages to be written to the terminal during an interactive session. An
attacker could create a carefully crafted message which with user interaction
could cause GnuPG to execute arbitrary code with the permissions of the
user running GnuPG. (CVE-2006-6169)

All users of GnuPG are advised to upgrade to this updated package, which
contains a backported patch to correct these issues.

Related

nessus 19
gentoo 1
openvas 16
centos 2
oraclelinux 1
slackware 2
debian 1
osv 1
suse 1
ubuntu 2
fedora 1
cvelist 2
cert 1
cve 2
ubuntucve 2
nvd 2
debiancve 2
freebsd 1
securityvulns 1
nessus
nessus
openSUSE 10 Security Update : gpg (gpg-2353)
2007-10-17 00:00:00
CentOS 3 / 4 : gnupg (CESA-2006:0754)
2006-12-11 00:00:00
Fedora Core 5 : gnupg-1.4.6-1 (2006-1405)
2007-01-17 00:00:00
gentoo
gentoo
GnuPG: Multiple vulnerabilities
2006-12-10 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2006-340-01)
2012-09-10 00:00:00
Slackware: Security Advisory (SSA:2006-340-01b)
2012-09-10 00:00:00
Gentoo Security Advisory GLSA 200612-03 (gnupg)
2008-09-24 00:00:00
centos
centos
gnupg security update
2006-12-07 03:18:30
gnupg security update
2006-12-06 18:36:40
oraclelinux
oraclelinux
Important gnupg security update
2006-12-11 00:00:00
slackware
slackware
[slackware-security] gnupg
2006-12-06 22:27:00
[slackware-security] gnupg [resigned]
2006-12-07 22:03:33
debian
debian
[SECURITY] [DSA 1231-1] New gnupg packages fix arbitrary code execution
2006-12-09 09:39:51
osv
osv
gnupg
2006-12-09 00:00:00
suse
suse
remote code execution in gpg,gpg2
2006-12-13 12:47:52
ubuntu
ubuntu
GnuPG2 vulnerabilities
2006-12-07 00:00:00
GnuPG vulnerability
2006-12-07 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: gnupg-1.4.7-1
2007-03-12 19:15:32
cvelist
cvelist
CVE-2006-6235
2006-12-07 11:00:00
CVE-2006-6169
2006-11-29 18:00:00
cert
cert
GnuPG vulnerable to remote data control
2006-12-18 00:00:00
cve
cve
CVE-2006-6235
2006-12-07 11:28:00
CVE-2006-6169
2006-11-29 18:28:00
ubuntucve
ubuntucve
CVE-2006-6235
2006-12-07 00:00:00
CVE-2006-6169
2006-11-29 00:00:00
nvd
nvd
CVE-2006-6169
2006-11-29 18:28:00
CVE-2006-6235
2006-12-07 11:28:00
debiancve
debiancve
CVE-2006-6235
2006-12-07 11:28:00
CVE-2006-6169
2006-11-29 18:28:00
freebsd
freebsd
gnupg -- remotely controllable function pointer
2006-12-04 00:00:00
securityvulns
securityvulns
GnuPG: remotely controllable function pointer [CVE-2006-6235]
2006-12-07 00:00:00

0.056 Low

EPSS

Percentile

93.3%

JSON
Related for RHSA-2006:0754
nessus19gentoo1openvas16centos2oraclelinux1slackware2debian1osv1suse1ubuntu2fedora1cvelist2cert1cve2ubuntucve2nvd2debiancve2freebsd1securityvulns1