Vulnerability Name:

CVE-2003-0255 (CCN-11930)

Assigned:2003-05-03
Published:2003-05-03
Updated:2018-05-03
Summary:The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: SCO Security Advisory CSSA-2003-034.0
OpenLinux: Key validity bug in GnuPG 1.2.1 and earlier

Source: CCN
Type: BugTraq Mailing List, Sat May 03 2003 - 20:35:26 CDT
Key validity bug in GnuPG 1.2.1 and earlier

Source: MITRE
Type: CNA
CVE-2003-0255

Source: CONECTIVA
Type: UNKNOWN
CLA-2003:694

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:694
gnupg

Source: CCN
Type: Gentoo Linux Security Announcement 200305-04
gnupg key validity bug

Source: CCN
Type: Guardian Digital Security Advisory ESA-20030515-016
key validation bug

Source: BUGTRAQ
Type: UNKNOWN
20030504 Key validity bug in GnuPG 1.2.1 and earlier

Source: ENGARDE
Type: UNKNOWN
ESA-20030515-016

Source: BUGTRAQ
Type: UNKNOWN
20030516 [OpenPKG-SA-2003.029] OpenPKG Security Advisory (gnupg)

Source: BUGTRAQ
Type: UNKNOWN
20030522 [slackware-security] GnuPG key validation fix (SSA:2003-141-04)

Source: CCN
Type: RHSA-2003-175
Updated gnupg packages fix validation bug

Source: CCN
Type: RHSA-2003-176
gnupg security update

Source: CCN
Type: GnuPG Web site
The GNU Privacy Guard GnuPG.org

Source: CCN
Type: US-CERT VU#397604
GnuPG contains flaw in key validation code

Source: CERT-VN
Type: US Government Resource
VU#397604

Source: ENGARDE
Type: UNKNOWN
20030515-016

Source: MISC
Type: UNKNOWN
http://www.linuxsecurity.com/advisories/gentoo_advisory-3266.html

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2003:061

Source: CCN
Type: OpenPKG-SA-2003.029
GNUPG

Source: OSVDB
Type: UNKNOWN
4947

Source: CCN
Type: OSVDB ID: 4947
GnuPG Multiple Userid Key Validity

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2003:175

Source: REDHAT
Type: UNKNOWN
RHSA-2003:176

Source: BID
Type: UNKNOWN
7497

Source: CCN
Type: BID-7497
GNU Privacy Guard Insecure Trust Path To User ID Weakness

Source: CCN
Type: slackware-security Mailing List, Tue May 20 20:13:09 PDT 2003
[slackware-security] GnuPG key validation fix (SSA:2003-141-04)

Source: CCN
Type: TLSA-2003-34
Key validity bug in GnuPG

Source: TURBO
Type: UNKNOWN
TLSA200334

Source: XF
Type: UNKNOWN
gnupg-invalid-key-acceptance(11930)

Source: XF
Type: UNKNOWN
gnupg-invalid-key-acceptance(11930)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:135

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:privacy_guard:*:*:*:*:*:*:*:* (Version <= 1.2.1)

  • Configuration CCN 1:
  • cpe:/a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.5:*:*:*:server:*:*:*
  • OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_linux:-:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_professional:-:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.0:*:*:*:workstation:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:135
    V
    GnuPG Invalid User ID Vulnerability
    2007-04-25
    BACK
    gnu privacy guard *
    gnu privacy guard 1.0
    gnu privacy guard 1.0.1
    gnu privacy guard 1.0.2
    gnu privacy guard 1.0.3
    gnu privacy guard 1.0.4
    gnu privacy guard 1.0.5
    gnu privacy guard 1.0.6
    gnu privacy guard 1.0.7
    gnu privacy guard 1.2
    gnu privacy guard 1.2.1
    redhat linux 7
    redhat linux 7.1
    turbolinux turbolinux server 6.5
    conectiva linux 7.0
    redhat linux 7.2
    engardelinux secure linux -
    mandrakesoft mandrake linux 8.2
    conectiva linux 8.0
    redhat linux 7.3
    engardelinux secure professional -
    openpkg openpkg current
    gentoo linux *
    redhat linux 8.0
    openpkg openpkg 1.1
    mandrakesoft mandrake linux 9.0
    mandrakesoft mandrake multi network firewall 8.2
    openpkg openpkg 1.2
    turbolinux turbolinux workstation 6.0
    mandrakesoft mandrake linux corporate server 2.1
    mandrakesoft mandrake linux 9.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat linux 9.0
    slackware slackware linux 9.0
    redhat enterprise linux 2.1
    conectiva linux 9.0
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 8.2
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux corporate server 2.1