diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index e294ff80db99..cf936a86627e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,45 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="30394651-13e1-11dd-bab7-0016179b2dd5"> + <topic>gnupg -- memory corruption vulnerability</topic> + <affects> + <package> + <name>gnupg</name> + <range><gt>0</gt></range> + </package> + <package> + <name>gnupg1</name> + <range><gt>0</gt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Secunia reports:</p> + <blockquote cite="http://secunia.com/advisories/29568"> + <p>A vulnerability has been reported in GnuPG, which can potentially + be exploited to compromise a vulnerable system.</p> + <p>The vulnerability is caused due to an error when importing keys + with duplicated IDs. This can be exploited to cause a memory corruption + when importing keys via --refresh-keys or --import.</p> + <p>Successful exploitation potentially allows execution of arbitrary code, + but has not been proven yet.</p> + </blockquote> + </body> + </description> + <references> + <bid>28487</bid> + <cvename>CVE-2008-1530</cvename> + <url>http://www.ocert.org/advisories/ocert-2008-1.html</url> + <url>http://secunia.com/advisories/29568</url> + <url>https://bugs.g10code.com/gnupg/issue894</url> + </references> + <dates> + <discovery>2008-03-19</discovery> + <entry>2008-04-26</entry> + </dates> + </vuln> + <vuln vid="44c8694a-12f9-11dd-9b26-001c2514716c"> <topic>extman -- password bypass vulnerability</topic> <affects> |