Lucene search
UbuntuUSN-393-1HistoryDec 07, 2006 - 12:00 a.m.
GnuPG vulnerability
2006-12-0700:00:00
ubuntu.com
30
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.056 Low
EPSS
Percentile
93.3%
Releases
- Ubuntu 6.10
- Ubuntu 6.06
- Ubuntu 5.10
Details
Tavis Ormandy discovered that gnupg was incorrectly using the stack. If
a user were tricked into processing a specially crafted message, an
attacker could execute arbitrary code with the user’s privileges.
References
Related
openvas
openvas
FreeBSD Ports: gnupg
2008-09-04 00:00:00
Ubuntu: Security Advisory (USN-393-1)
2022-08-26 00:00:00
FreeBSD Ports: gnupg
2008-09-04 00:00:00
cvelist
cvelist
CVE-2006-6235
2006-12-07 11:00:00
securityvulns
securityvulns
GnuPG: remotely controllable function pointer [CVE-2006-6235]
2006-12-07 00:00:00
freebsd
freebsd
gnupg -- remotely controllable function pointer
2006-12-04 00:00:00
nvd
nvd
CVE-2006-6235
2006-12-07 11:28:00
nessus
nessus
Mandrake Linux Security Advisory : gnupg (MDKSA-2006:228)
2007-02-18 00:00:00
FreeBSD : gnupg -- remotely controllable function pointer (4db1669c-8589-11db-ac4f-02e081235dab)
2006-12-11 00:00:00
Ubuntu 5.10 / 6.06 LTS / 6.10 : gnupg vulnerability (USN-393-1)
2007-11-10 00:00:00
cert
cert
GnuPG vulnerable to remote data control
2006-12-18 00:00:00
cve
cve
CVE-2006-6235
2006-12-07 11:28:00
ubuntucve
ubuntucve
CVE-2006-6235
2006-12-07 00:00:00
debiancve
debiancve
CVE-2006-6235
2006-12-07 11:28:00
gentoo
gentoo
GnuPG: Multiple vulnerabilities
2006-12-10 00:00:00
debian
debian
[SECURITY] [DSA 1231-1] New gnupg packages fix arbitrary code execution
2006-12-09 09:39:51
osv
osv
gnupg
2006-12-09 00:00:00
slackware
slackware
[slackware-security] gnupg [resigned]
2006-12-07 22:03:33
[slackware-security] gnupg
2006-12-06 22:27:00
suse
suse
remote code execution in gpg,gpg2
2006-12-13 12:47:52
ubuntu
ubuntu
GnuPG2 vulnerabilities
2006-12-07 00:00:00
centos
centos
gnupg security update
2006-12-07 03:18:30
gnupg security update
2006-12-06 18:36:40
redhat
redhat
(RHSA-2006:0754) Important: gnupg security update
2006-12-06 00:00:00
oraclelinux
oraclelinux
Important gnupg security update
2006-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: gnupg-1.4.7-1
2007-03-12 19:15:32
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.056 Low
EPSS
Percentile
93.3%
Related for USN-393-1