CVE-2006-0455 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0455
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0455

Description: gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24744 UBUNTU http://www.ubuntu.com/usn/usn-252-1 TRUSTIX http://www.trustix.org/errata/2006/0008 SUSE http://www.novell.com/linux/security/advisories/2006_13_gpg.html http://www.novell.com/linux/security/advisories/2006_09_gpg.html http://www.novell.com/linux/security/advisories/2006_05_sr.html SLACKWARE http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.476477 SGI SAID Secunia Advisory: SA19532 Secunia Advisory: SA19249 Secunia Advisory: SA19130 Secunia Advisory: SA18968 Secunia Advisory: SA18956 Secunia Advisory: SA18955 Secunia Advisory: SA18942 Secunia Advisory: SA18933 Secunia Advisory: SA18845 Secunia Advisory: SA18934 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0266.html OSVDB 23221 OPENPKG http://www.openpkg.org/security/OpenPKG-SA-2006.001-gnupg.html MLIST http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html http://marc.theaimsgroup.com/?l=gnupg-devel&m=113999098729114&w=2 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:043 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml FEDORA http://fedoranews.org/updates/FEDORA-2006-116.shtml http://www.securityfocus.com/archive/1/archive/1/433931/100/0/threaded DEBIAN http://www.us.debian.org/security/2006/dsa-978 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/425289/100/0/threaded BID 16663

Return to the previous page.