Lucene search
UbuntuUSN-2258-1HistoryJun 26, 2014 - 12:00 a.m.
GnuPG vulnerability
2014-06-2600:00:00
ubuntu.com
52
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.013
Percentile
86.0%
Releases
- Ubuntu 14.04 ESM
- Ubuntu 13.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- gnupg - GNU privacy guard - a free PGP replacement
- gnupg2 - GNU privacy guard - a free PGP replacement
Details
Jean-René Reinhard, Olivier Levillain and Florian Maury discovered that
GnuPG incorrectly handled certain OpenPGP messages. If a user or automated
system were tricked into processing a specially-crafted message, GnuPG
could consume resources, resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.04 | noarch | gnupg | < 1.4.16-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gnupg-curl | < 1.4.16-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gnupg-udeb | < 1.4.16-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gpgv | < 1.4.16-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gpgv-udeb | < 1.4.16-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gnupg2 | < 2.0.22-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gnupg-agent | < 2.0.22-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gpgsm | < 2.0.22-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | gpgv2 | < 2.0.22-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | scdaemon | < 2.0.22-3ubuntu1.1 | UNKNOWN |
References
Related
ubuntucve
ubuntucve
CVE-2014-4617
2014-06-26 00:00:00
nessus
nessus
Fedora 20 : gnupg2-2.0.24-1.fc20 (2014-7796)
2014-06-30 00:00:00
openSUSE Security Update : gpg2 (openSUSE-SU-2014:0866-1)
2014-07-04 00:00:00
Fedora 19 : gnupg2-2.0.24-1.fc19 (2014-7797)
2014-07-02 00:00:00
f5
f5
K21284031 : GnuPG vulnerability CVE-2014-4617
2016-09-01 00:00:00
SOL21284031 - GnuPG vulnerability CVE-2014-4617
2016-09-01 00:00:00
debian
debian
gnupg security update
2014-06-30 19:42:38
[SECURITY] [DSA 2967-1] gnupg security update
2014-06-25 16:12:23
[SECURITY] [DSA 2968-1] gnupg2 security update
2014-06-27 08:14:38
debiancve
debiancve
CVE-2014-4617
2014-06-25 11:19:22
amazon
amazon
nvd
nvd
CVE-2014-4617
2014-06-25 11:19:22
openvas
openvas
Fedora Update for gnupg2 FEDORA-2014-7796
2014-07-01 00:00:00
Gentoo Security Advisory GLSA 201407-04
2015-09-29 00:00:00
Fedora Update for gnupg2 FEDORA-2015-5969
2015-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: gnupg2-2.0.27-1.fc20
2015-04-22 22:38:03
[SECURITY] Fedora 20 Update: gnupg2-2.0.24-1.fc20
2014-06-29 02:52:30
[SECURITY] Fedora 19 Update: gnupg2-2.0.24-1.fc19
2014-07-01 07:23:11
gentoo
gentoo
GnuPG: Denial of service
2014-07-16 00:00:00
kaspersky
kaspersky
KLA10175 DoS vulnerability in GnuPG
2014-06-25 00:00:00
osv
osv
gnupg2 - security update
2014-06-27 00:00:00
gnupg2 - security update
2014-09-10 00:00:00
gnupg - security update
2014-06-25 00:00:00
securityvulns
securityvulns
[slackware-security] gnupg (SSA:2014-175-02)
2014-06-26 00:00:00
GnuPG DoS
2014-06-26 00:00:00
cvelist
cvelist
CVE-2014-4617
2014-06-25 10:00:00
slackware
slackware
[slackware-security] gnupg
2014-06-24 23:46:55
[slackware-security] gnupg2
2014-06-24 23:47:10
prion
prion
Design/Logic Flaw
2014-06-25 11:19:00
mageia
mageia
Updated gnupg & gnupg2 packages fixes CVE-2014-4617
2014-06-27 19:08:48
cve
cve
CVE-2014-4617
2014-06-25 11:19:22
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.013
Percentile
86.0%
Related for USN-2258-1