Vulnerability CVE-2006-0803 - CERT Civis.Net

Vulnerability Name:

CVE-2006-0803 (CCN-25246)

Assigned:

2006-02-20

Published:

2006-02-20

Updated:

2018-10-30

Summary:

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Other

References:

Source: MITRE
Type: CNA
CVE-2006-0803

Source: SUSE
Type: Vendor Advisory
SUSE-SA:2006:009

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:013

Source: CCN
Type: OSVDB ID: 28025
SuSE YaST YaST Online Update (YOU) Signature Verification Bypass

Source: BID
Type: UNKNOWN
16889

Source: CCN
Type: BID-16889
SuSE YaST Online Update Script Signature Verification Bypass Vulnerability

Source: XF
Type: UNKNOWN
you-gpg-improper-verification(25246)

Source: SUSE
Type: SUSE-SA:2006:013
gpg / liby2util signature checking problems

Vulnerable Configuration:

Configuration 1:

cpe:/o:novell:suse_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

AND

cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:novell:open_enterprise_server:1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20060803	V	CVE-2006-0803	2015-11-16