Skip to navigation

CVE Database

CVE-2006-0049

Impact: Important
Public: 2006-03-09

Details

The MITRE CVE dictionary describes this issue as:

gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.

Find out more about CVE-2006-0049 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (gnupg) RHSA-2006:0266 March 15, 2006
Red Hat Enterprise Linux version 3 (gnupg) RHSA-2006:0266 March 15, 2006
Red Hat Enterprise Linux version 4 (gnupg) RHSA-2006:0266 March 15, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.