Computer Security
[EN] securityvulns.ru no-pyccku


GnuPG security vulnerabilities
Published:12.10.2013
Source:
SecurityVulns ID:13360
Type:library
Threat Level:
5/10
Description:Protection bypass, DoS.
Affected:GNU : GnuPG 2.1
CVE:CVE-2013-4402 (GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.)
 CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:247 ] gnupg (12.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod