PT-2001-1307 · Gnupg · Gpg
Publicado
2001-02-12
·
Atualizado
2017-10-10
·
CVE-2001-0072
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
gpg (aka GnuPG) versions 1.0.4 and other versions
Description:
The issue allows an attacker to potentially break the web of trust by importing both public and private keys from public key servers without notifying the user about the private keys.
Recommendations:
For gpg (aka GnuPG) versions 1.0.4 and other versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Gpg