GnuPG tty_printf format string could allow unauthorized access to client hosts

gnupg-tty-format-string (6642) The risk level is classified as HighHigh Risk

Description:

GNU Privacy Guard (GnuPG or GPG) is vulnerable to a format string attack when calling the tty_printf function. If a remote attacker encrypts a specially-crafted file that does not end with the ".gpg" file extension, the attacker could exploit the format string vulnerability when the file is decrypted to gain access to client hosts.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of GnuPG (1.0.6 or later), available from the Gnu Privacy Guard Web site. See References.

For SuSE Linux 6.3 and 6.4:
Upgrade to the latest version of GnuPG (1.0.6-1 or later), as listed in SuSE Security Announcement SuSE-SA:2001:020. See References.

For SuSE Linux 7.0 and 7.1:
Upgrade to the latest version of GnuPG (1.0.6-0 or later), as listed in SuSE Security Announcement SuSE-SA:2001:020. See References.

For Mandrake Linux 7.1 and Corporate Server 1.0.1:
Upgrade to the latest version of GnuPG (1.0.6-2.2mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:053-1 : gnupg. See References.

For Mandrake Linux 7.2 and 8.0:
Upgrade to the latest version of GnuPG (1.0.6-2.1mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:053-1 : gnupg. See References.

For Mandrake Linux 8.1:
Upgrade to the latest version of GnuPG (1.0.6-3.1mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2001:053-1 : gnupg. See References.

For Immunix OS 6.2, 7.0 and 7.0-beta:
Upgrade to the latest version of GnuPG (1.0.6-2_StackGuard or later), as listed in Immunix OS Security Advisory IMNX-2001-70-023-01. See References.

For Trustix Secure Linux 1.01, 1.1, and 1.2:
Upgrade to the latest version of GnuPG (1.0.6-1tr or later), as listed in Trustix Secure Linux Security Advisory #2001-0009. See References.

For Red Hat Linux 6.2:
Upgrade to the latest version of GnuPG (1.0.6-0.6 or later), as listed in RHSA-2001:073-04. See References.

For Red Hat Linux 7.0 and 7.1:
Upgrade to the latest version of GnuPG (1.0.6-1 or later), as listed in RHSA-2001:073-04. See References.

For Caldera OpenLinux 2.3, Server and Workstation 3.1, eServer 2.3.1, eDesktop 2.4 and eBuilder:
Upgrade to the latest version of GnuPG (1.0.6-1 or later), as listed in Caldera International, Inc. Security Advisory CSSA-2001-020.1. See References.

For Conectiva Linux 4.0, 4.0es, 4.1, 4.2, 5.0, prg graficos, ecommerce, 5.1, and 6.0:
Upgrade to the latest version of GnuPG (1.0.6-1cl or later), as listed in Conectiva Linux Security Announcement CLA-2001:399. See References.

For Debian GNU/Linux 2.2 (alias potato):
Upgrade to the latest version of GnuPG (1.0.6-0potato1 or later), as listed in DSA-061-1. See References.

For TurboLinux 6.5 Server, 6.1 Workstation, and 6.0.5 and earlier:
Upgrade to the latest version of gnupg (1.0.6-1 or later), as listed in Turbolinux Security Announcement TLSA2001028. See References.

For FreeBSD Ports Collection prior to 2001-05-30:
Upgrade to the latest version of gnupg (1.0.6_1 dated 2001-05-30 or later), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-01:44. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Platforms Affected:

  • Conectiva Linux 4.0
  • Conectiva Linux 4.0es
  • Conectiva Linux 4.1
  • Conectiva Linux 4.2
  • Conectiva Linux 5.0
  • Conectiva Linux 5.1
  • Conectiva Linux 6.0
  • Conectiva Linux ecommerce
  • Conectiva Linux prg_graficos
  • Debian Debian Linux 2.2
  • FreeBSD FreeBSD Ports Collection
  • GNU Privacy Guard 1.0
  • GNU Privacy Guard 1.0.1
  • GNU Privacy Guard 1.0.2
  • GNU Privacy Guard 1.0.3
  • GNU Privacy Guard 1.0.4
  • GNU Privacy Guard 1.0.5
  • Immunix Immunix OS 6.2
  • Immunix Immunix OS 7.0
  • Immunix Immunix OS 7.0-beta
  • MandrakeSoft Mandrake Linux 7.1
  • MandrakeSoft Mandrake Linux 7.2
  • MandrakeSoft Mandrake Linux 8.1
  • MandrakeSoft Mandrake Linux Corporate Server 1.0.1
  • RedHat Linux 6.2
  • RedHat Linux 7
  • RedHat Linux 7.1
  • RedHat Linux 7.2
  • RedHat Linux 7.3
  • SCO Caldera OpenLinux 2.3
  • SCO Caldera OpenLinux eBuilder
  • SCO Caldera OpenLinux eDesktop 2.4
  • SCO Caldera OpenLinux eServer 2.3.1
  • SCO Caldera OpenLinux Server 3.1
  • SCO Caldera OpenLinux Workstation 3.1
  • SUSE SuSE Linux 6.3
  • SUSE SuSE Linux 6.4
  • SUSE SuSE Linux 7.0
  • SUSE SuSE Linux 7.1
  • Trustix Secure Linux 1.01
  • Trustix Secure Linux 1.1
  • Trustix Secure Linux 1.2
  • Turbolinux Turbolinux 6.0.5
  • Turbolinux Turbolinux 6.1 Workstation
  • Turbolinux Turbolinux Server 6.5

Reported:

May 29, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page