CVE-2006-3746 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-3746
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3746

Description: Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28220 UBUNTU http://www.ubuntu.com/usn/usn-332-1 TRUSTIX http://lwn.net/Alerts/194228/ SUSE http://www.novell.com/linux/security/advisories/2006_20_sr.html ST 1016622 SGI SAID Secunia Advisory: SA21306 Secunia Advisory: SA21329 Secunia Advisory: SA21378 Secunia Advisory: SA21351 Secunia Advisory: SA21297 Secunia Advisory: SA21333 Secunia Advisory: SA21326 Secunia Advisory: SA21300 Secunia Advisory: SA21522 Secunia Advisory: SA21524 Secunia Advisory: SA21598 Secunia Advisory: SA21346 Secunia Advisory: SA21467 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0615.html OSVDB 27664 MLIST http://www.gossamer-threads.com/lists/gnupg/devel/37623 http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html MISC http://issues.rpath.com/browse/RPL-560 http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:141 GENTOO http://security.gentoo.org/glsa/glsa-200608-08.xml DEBIAN http://www.debian.org/security/2006/dsa-1141 http://www.debian.org/security/2006/dsa-1140 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-164.htm BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/442621/100/100/threaded http://www.securityfocus.com/archive/1/archive/1/442012/100/0/threaded BID 19110

Return to the previous page.