Vulnerability Details : CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
Vulnerability category: Execute code
Products affected by CVE-2006-6235
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.9.20:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:privacy_guard:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gpg4win:gpg4win:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-6235
5.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-6235
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
Vendor statements for CVE-2006-6235
-
Red Hat 2007-03-14Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References for CVE-2006-6235
-
http://www.redhat.com/support/errata/RHSA-2006-0754.html
SupportVendor Advisory
-
http://www.securityfocus.com/archive/1/453664/100/0/threaded
-
http://www.vupen.com/english/advisories/2006/4881
Site en construction
-
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html
-
http://www.trustix.org/errata/2006/0070
Trustix | Empowering Trust and Security in the Digital Age
-
https://issues.rpath.com/browse/RPL-835
-
http://www.novell.com/linux/security/advisories/2006_28_sr.html
404 Page Not Found | SUSE
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30711
GnuPG OpenPGP packet code execution CVE-2006-6235 Vulnerability Report
-
http://security.gentoo.org/glsa/glsa-200612-03.xml
GnuPG: Multiple vulnerabilities (GLSA 200612-03) — Gentoo security
-
http://www.securityfocus.com/bid/21462
Vendor Advisory
-
ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc
-
http://www.ubuntu.com/usn/usn-393-1
USN-393-1: GnuPG vulnerability | Ubuntu security notices | UbuntuPatch
-
http://securitytracker.com/id?1017349
Access Denied
-
http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm
ASA-2007-047 (RHSA-2006-0754)
-
http://www.debian.org/security/2006/dsa-1231
[SECURITY] [DSA 1231-1] New gnupg packages fix arbitrary code execution
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245
404 Not Found
-
http://www.securityfocus.com/archive/1/453723/100/0/threaded
-
http://www.ubuntu.com/usn/usn-393-2
USN-393-2: GnuPG2 vulnerabilities | Ubuntu security notices | Ubuntu
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:228
Mandriva
-
http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html
Object not found!
-
http://www.kb.cert.org/vuls/id/427009
VU#427009 - GnuPG vulnerable to remote data controlUS Government Resource
Jump to