CVE-2001-0522 Information

Description

Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.

Reference

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000399 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-023-01 http://online.securityfocus.com/archive/1/188218 http://www.calderasystems.com/support/security/advisories/CSSA-2001-020.0.txt http://www.debian.org/security/2001/dsa-061 http://www.gnupg.org/whatsnew.htmlrn20010529 http://www.kb.cert.org/vuls/id/403051 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3 http://www.novell.com/linux/security/advisories/2001_020_gpg_txt.html http://www.osvdb.org/1845 http://www.redhat.com/support/errata/RHSA-2001-073.html http://www.securityfocus.com/bid/2797 http://www.turbolinux.com/pipermail/tl-security-announce/2001-June/000439.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6642