漏洞信息详情
OpenPGP个人密钥攻击漏洞
- CNNVD编号:CNNVD-200106-133
- 危害等级: 中危
![图片[1]-OpenPGP个人密钥攻击漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-09/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2001-0381
- 漏洞类型:
设计错误
- 发布时间:
2001-06-27
- 威胁类型:
本地
- 更新时间:
2006-09-22
- 厂 商:
pgp - 漏洞来源:
Discovered by Vlas… -
漏洞简介
OpenPGP PGP标准版存在漏洞。攻击者可以借助密码翻译攻击判断个人签名密钥,攻击者可通过改变已加密个人密钥文件和抓取签署签名密钥的单个消息进行密码翻译。
漏洞公告
Several vendors of programs which implement the OpenPGP key format have made patches available:
GNU GNU Privacy Guard 1.0.4
-
Caldera 2.4 i386 gnupg-1.0.5-3.i386.rpm
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/gnu
pg-1.0.5-3.i386.rpm -
Conectiva 4.0 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 4.0 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva 4.0es i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-1.0.6-1cl.i386.rp
m -
Conectiva 4.0es i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/gnupg-doc-1.0.6-1cl.i38
6.rpm -
Conectiva 4.1 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 4.1 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva 4.2 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 4.2 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva 5.0 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 5.0 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva 5.1 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 5.1 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva 6.0 i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-1.0.6-1cl.i386.rpm -
Conectiva 6.0 i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/gnupg-doc-1.0.6-1cl.i386.
rpm -
Conectiva ecommerce i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-1
.0.6-1cl.i386.rpm -
Conectiva ecommerce i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/gnupg-d
oc-1.0.6-1cl.i386.rpm -
Conectiva graficas i386 gnupg-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-1.
0.6-1cl.i386.rpm -
Conectiva graficas i386 gnupg-doc-1.0.6-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/gnupg-do
c-1.0.6-1cl.i386.rpm -
Gnu GNU Privacy Guard 1.0.5
ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.0.5.tar.gz -
Immunix 6.2 i386 gnupg-1.0.5-2_StackGuard.i386.rpm
http://download.immunix.org/ImmunixOS/6.2/updates/RPMS/gnupg-1.0.5-2_S
tackGuard.i386.rpm -
Immunix 7.0 i386 gnupg-1.0.5-2_imnx.i386.rpm
http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/gnupg-1.0.5-2_i
mnx.i386.rpm -
RedHat 6.2 alpha gnupg-1.0.5-0.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/gnupg-1.0.5-0.6.x.alpha.rpm -
RedHat 6.2 sparc gnupg-1.0.5-0.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/gnupg-1.0.5-0.6.x.sparc.rpm -
RedHat 7.0 alpha gnupg-1.0.5-1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/gnupg-1.0.5-1.alpha.rpm -
RedHat 7.0 i386 gnupg-1.0.5-1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/gnupg-1.0.5-1.i386.rpm -
RedHat 7.1 i386 gnupg-1.0.5-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/gnupg-1.0.5-1.i386.rpm -
TurboLinux 6.0 i386 gnupg-1.0.6-1.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/gnupg-1.0.6-1.i386.r
pm
参考网址
来源: XF
名称: openpgp-private-key-disclosure(6558)
链接:http://xforce.iss.net/xforce/xfdb/6558
来源: BID
名称: 2673
链接:http://www.securityfocus.com/bid/2673
来源: REDHAT
名称: RHSA-2001:063
链接:http://www.redhat.com/support/errata/RHSA-2001-063.html
来源: OSVDB
名称: 11966
链接:http://www.osvdb.org/11966
来源: BUGTRAQ
名称: 20010322 Re: Yes, they have found a serious PGP vulnerability…sort of
链接:http://archives.neohapsis.com/archives/bugtraq/2001-03/0311.html
来源: BUGTRAQ
名称: 20010320 Yes, they have found a serious PGP vulnerability…sort of
链接:http://archives.neohapsis.com/archives/bugtraq/2001-03/0274.html
来源: BUGTRAQ
名称: 20010319 Have they found a serious PGP vulnerability?!
链接:http://archives.neohapsis.com/archives/bugtraq/2001-03/0252.html
来源: CALDERA
名称: CSSA-2001-017.0
链接:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-017.0.txt
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
