Executive Summary
Summary | |
---|---|
Title | gnupg2 security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0603 | First vendor Publication | 2010-08-04 |
Vendor | RedHat | Last vendor Modification | 2010-08-04 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.1 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated gnupg2 package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax (CMS) encryption and signing tool, handled X.509 certificates with a large number of Subject Alternate Names. A specially-crafted X.509 certificate could, when imported, cause gpgsm to crash or, possibly, execute arbitrary code. (CVE-2010-2547) All gnupg2 users should upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 618156 - CVE-2010-2547 GnuPG 2: use-after-free when importing certificate with many alternate names |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0603.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11631 | |||
Oval ID: | oval:org.mitre.oval:def:11631 | ||
Title: | DSA-2076 gnupg2 -- use-after-free | ||
Description: | It was discovered that GnuPG 2 uses a freed pointer when verifying a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2076 CVE-2010-2547 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13159 | |||
Oval ID: | oval:org.mitre.oval:def:13159 | ||
Title: | USN-970-1 -- gnupg2 vulnerability | ||
Description: | It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-970-1 CVE-2010-2547 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.04 Ubuntu 9.04 Ubuntu 9.10 | Product(s): | gnupg2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20091 | |||
Oval ID: | oval:org.mitre.oval:def:20091 | ||
Title: | DSA-2076-1 gnupg2 - execution of arbitrary code | ||
Description: | It was discovered that GnuPG 2 uses a freed pointer when verifying a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2076-1 CVE-2010-2547 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | gnupg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22297 | |||
Oval ID: | oval:org.mitre.oval:def:22297 | ||
Title: | RHSA-2010:0603: gnupg2 security update (Moderate) | ||
Description: | Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0603-01 CESA-2010:0603 CVE-2010-2547 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gnupg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22992 | |||
Oval ID: | oval:org.mitre.oval:def:22992 | ||
Title: | ELSA-2010:0603: gnupg2 security update (Moderate) | ||
Description: | Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0603-01 CVE-2010-2547 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gnupg2 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27257 | |||
Oval ID: | oval:org.mitre.oval:def:27257 | ||
Title: | DEPRECATED: ELSA-2010-0603 -- gnupg2 security update (moderate) | ||
Description: | [2.0.10-3.1] - fix use after free when importing certain X509 certificates CVE-2010-2547 (#618156) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0603 CVE-2010-2547 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | gnupg2 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-15 (GnuPG) File : nvt/glsa_201110_15.nasl |
2011-08-09 | Name : CentOS Update for gnupg2 CESA-2010:0603 centos5 i386 File : nvt/gb_CESA-2010_0603_gnupg2_centos5_i386.nasl |
2010-08-21 | Name : Debian Security Advisory DSA 2076-1 (gnupg2) File : nvt/deb_2076_1.nasl |
2010-08-20 | Name : Fedora Update for gnupg2 FEDORA-2010-11382 File : nvt/gb_fedora_2010_11382_gnupg2_fc12.nasl |
2010-08-13 | Name : Ubuntu Update for gnupg2 vulnerability USN-970-1 File : nvt/gb_ubuntu_USN_970_1.nasl |
2010-08-06 | Name : RedHat Update for gnupg2 RHSA-2010:0603-01 File : nvt/gb_RHSA-2010_0603-01_gnupg2.nasl |
2010-08-06 | Name : Fedora Update for gnupg2 FEDORA-2010-11413 File : nvt/gb_fedora_2010_11413_gnupg2_fc13.nasl |
2010-08-02 | Name : Mandriva Update for gnupg2 MDVSA-2010:143 (gnupg2) File : nvt/gb_mandriva_MDVSA_2010_143.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-240-01 gnupg2 File : nvt/esoft_slk_ssa_2010_240_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
66624 | GnuPG GPGSM kbx/keybox-blob.c Crafted Certificate Use-after-free Arbitrary Co... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_gpg2-100728.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-0603.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20100804_gnupg2_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-15.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gpg2-100728.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gpg2-7107.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-240-01.nasl - Type : ACT_GATHER_INFO |
2010-08-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-970-1.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2010-0603.nasl - Type : ACT_GATHER_INFO |
2010-08-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gpg2-100728.nasl - Type : ACT_GATHER_INFO |
2010-08-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_gpg2-100728.nasl - Type : ACT_GATHER_INFO |
2010-08-05 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0603.nasl - Type : ACT_GATHER_INFO |
2010-08-03 | Name : The remote Fedora host is missing a security update. File : fedora_2010-11413.nasl - Type : ACT_GATHER_INFO |
2010-08-02 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2010-143.nasl - Type : ACT_GATHER_INFO |
2010-07-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2076.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:53:41 |
|