| Revision Date: | 2013-04-29 | Version: | 11 | | Title: | parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. | | Description: | parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2006-3082
| | Platform(s): | CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | | | Definition Synopsis | | OS Section: RHEL3, CentOS3 RHEL3 or CentOS3
The operating system installed on the system is Red Hat Enterprise Linux 3
OR CentOS Linux 3.x
AND gnupg is earlier than 0:1.2.1-16
OR OS Section: RHEL4, CentOS4, Oracle Linux 4
RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND gnupg is earlier than 0:1.2.6-5
|
|