Vulnerability Name:

CVE-2003-0971 (CCN-13852)

Assigned:2003-11-27
Published:2003-11-27
Updated:2017-10-11
Summary:GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: SGI
Type: UNKNOWN
20040202-01-U

Source: CCN
Type: Full-Disclosure Mailing List, Thu Nov 27 2003 - 02:44:30 CST
GnuPG's ElGamal signing keys compromised

Source: MITRE
Type: CNA
CVE-2003-0971

Source: CONECTIVA
Type: UNKNOWN
CLA-2003:798

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:798
gnupg

Source: CONFIRM
Type: Patch, Vendor Advisory
http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html

Source: CONFIRM
Type: Patch
http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000277.html

Source: BUGTRAQ
Type: UNKNOWN
20031127 GnuPG's ElGamal signing keys compromised

Source: CCN
Type: RHSA-2003-390
Updated gnupg packages disable ElGamal keys

Source: CCN
Type: RHSA-2003-395
gnupg security update

Source: CCN
Type: SA10304
GnuPG ElGamal Signing Weakness Expose Private Key

Source: SECUNIA
Type: UNKNOWN
10304

Source: SECUNIA
Type: UNKNOWN
10349

Source: SECUNIA
Type: UNKNOWN
10399

Source: SECUNIA
Type: UNKNOWN
10400

Source: CCN
Type: CIAC Information Bulletin O-037
Red Hat GnuPG Packages ElGamal Keys Vulnerability

Source: DEBIAN
Type: UNKNOWN
DSA-429

Source: DEBIAN
Type: DSA 429-1
gnupg -- cryptographic weakness

Source: DEBIAN
Type: DSA-429
gnupg -- cryptographic weakness

Source: CCN
Type: GLSA-200312-05
GnuPG: ElGamal signing keys compromised and format string vulnerability

Source: CCN
Type: US-CERT VU#940388
GnuPG creates ElGamal keys for signing using insufficient entropy

Source: CERT-VN
Type: US Government Resource
VU#940388

Source: CCN
Type: Gentoo Linux Security Announcement 200312-05
app-crypt/gnupg

Source: CCN
Type: SCO Security Advisory CSSA-2004-009.0
OpenLinux: Gnupg (gpg) severe bug could compromise almost all ElGamal keys

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2003:109

Source: SUSE
Type: UNKNOWN
SuSE-SA:2003:048

Source: CCN
Type: Fedora Security Update Notification FEDORA-2003-025
A GNU utility for secure communication and data storage.

Source: REDHAT
Type: UNKNOWN
RHSA-2003:390

Source: REDHAT
Type: UNKNOWN
RHSA-2003:395

Source: BID
Type: Patch, Vendor Advisory
9115

Source: CCN
Type: BID-9115
GnuPG ElGamal Signing Key Private Key Compromise Vulnerability

Source: XF
Type: UNKNOWN
gnupg-elgamal-key-disclosure(13852)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10982

Source: SUSE
Type: SUSE-SA:2003:048
gpg: cryptographic compromise remote cmd execution

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.3b:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.2:rc1:*:*:*:*:*:*
  • OR cpe:/a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.5:*:*:*:server:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_firewall:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_email_server:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.0:*:*:*:workstation:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20030971
    V
    		CVE-2003-0971
    2015-11-16
    oval:org.mitre.oval:def:10982
    V
    		GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
    2013-04-29
    oval:org.debian:def:429
    V
    		cryptographic weakness
    2004-01-26
    oval:com.redhat.rhsa:def:20030395
    P
    		RHSA-2003:395: gnupg security update (Important)
    2003-12-10
    BACK
    gnu privacy guard 1.0.2
    gnu privacy guard 1.0.3
    gnu privacy guard 1.0.3b
    gnu privacy guard 1.0.4
    gnu privacy guard 1.0.5
    gnu privacy guard 1.0.6
    gnu privacy guard 1.0.7
    gnu privacy guard 1.2
    gnu privacy guard 1.2.1
    gnu privacy guard 1.2.2
    gnu privacy guard 1.2.2 rc1
    gnu privacy guard 1.2.3
    gnu privacy guard 1.0.2
    redhat linux 7.1
    turbolinux turbolinux server 6.5
    redhat linux 7.2
    suse suse linux 7.3
    suse suse linux firewall *
    suse suse linux database server *
    suse suse email server iii
    suse suse linux connectivity server *
    suse suse linux 8.0
    conectiva linux 8.0
    redhat linux 7.3
    debian debian linux 3.0
    gentoo linux *
    suse suse linux office server *
    redhat linux 8.0
    mandrakesoft mandrake linux 9.0
    suse suse email server 3.1
    suse suse linux 8.1
    suse linux enterprise server 8
    mandrakesoft mandrake multi network firewall 8.2
    turbolinux turbolinux server 6.1
    turbolinux turbolinux workstation 6.0
    mandrakesoft mandrake linux corporate server 2.1
    mandrakesoft mandrake linux 9.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat linux 9.0
    suse suse linux 8.2
    redhat enterprise linux 2.1
    conectiva linux 9.0
    suse suse linux 9.0
    mandrakesoft mandrake linux 9.2
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux school server -
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux corporate server 2.1