Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0522

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0522
Last Modified 10 Sep 2008 03:08:16
Published 14 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0522

Summary

Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.

Vulnerable Systems

Application

  • Gnu Privacy Guard 7.1

  • Gnu Privacy Guard 7.2

  • Gnu Privacy Guard 8.0


References

CERT-VN - VU#403051

MANDRAKE - MDKSA-2001:053

CONFIRM - http://www.gnupg.org/whatsnew.html#rn20010529

XF - gnupg-tty-format-string(6642)

TURBO - TLSA2001028

BID - 2797

REDHAT - RHSA-2001:073

OSVDB - 1845

SUSE - SuSE-SA:2001:020

DEBIAN - DSA-061

CALDERA - CSSA-2001-020.0

BUGTRAQ - 20010601 The GnuPG format string bug (was: TSLSA-2001-0009 - GnuPG)

IMMUNIX - IMNX-2001-70-023-01

CONECTIVA - CLA-2001:399


Last Updated: 27 May 2016 10:36:18