Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0803

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0803
Last Modified 05 Sep 2008 05:00:15
Published 23 Feb 2006 03:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0803

Summary

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

Vulnerable Systems

Operating System

  • Suse Linux 10.0

  • Suse Linux 9.3


References

SUSE - SUSE-SA:2006:009

BID - 16889

SUSE - SUSE-SA:2006:013


Last Updated: 27 May 2016 10:41:48