CVE-2006-0455
CVE-2006-0455
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/27231no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-Uhttp://fedoranews.org/updates/FEDORA-2006-116.shtmlhttp://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.htmlhttp://marc.info/?l=gnupg-devel&m=113999098729114&w=2http://secunia.com/advisories/18845http://secunia.com/advisories/18933http://secunia.com/advisories/18934http://secunia.com/advisories/18942http://secunia.com/advisories/18955http://secunia.com/advisories/18956http://secunia.com/advisories/18968http://secunia.com/advisories/19130