Info

Disclosure

May 30, 2001

Discovery

Unknown

Dates

Exploit

May 29, 2001

Solution

Unknown

Description

GnuPG contains a flaw that may allow a malicious user to execute arbitrary code in the context of a user decrypting a given file. The issue is triggered when the attacker sends the victim a GPG message with a crafted filename, exploiting a format string vulnerability in the tty_printf() function. It is possible that the flaw may allow execution of code in the context of the target user, resulting in a loss of integrity.

Classification

Location: Local Access Required, Remote / Network Access, Local / Remote, Context Dependent
Attack Type: Cryptographic, Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public

Solution

Upgrade to version 1.0.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

GNU	GNU Privacy Guard	0.9x
		1.0.0
		1.0.1
		1.0.2
		1.0.3
		1.0.4
		1.0.5

References

CVE ID: 2001-0522 (see also: NVD)
Exploit Database: 20889
CERT VU: 233200 403051
Bugtraq ID: 2797
ISS X-Force ID: 6642
Vendor Specific Advisory URL: http://linuxtoday.com/news_story.php3?ltsn=2001-05-30-015-20-SC-PD
http://lists.debian.org/debian-security-announce/debian-security-announce-2001/msg00064.html
http://lists.suse.com/archive/suse-security-announce/2001-Jun/0000.html
http://lists.trustix.org/mailman/private/tsl-announce/2001-June/000011.html
http://rhn.redhat.com/errata/RHSA-2001-073.html
http://www.mandrakesecure.net/en/advisories/2001/MDKSA-2001-053-1.php3?dis=8.1
Generic Exploit URL: http://www.securityfocus.com/archive/1/187352

Credit

Fish Stiqz - fishsynnergy.net - Synnergy Networks

Direct URL: http://osvdb.org/1845

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

GNU

GNU Privacy Guard

References

Credit