CVE-2001-0072

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard
Vendor: CVE Published:; 12 February 2001

Summary

gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.

References

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

http://www.debian.org/security/2000/20001225b

vendor-advisoryx_refsource_DEBIAN

http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-...

vendor-advisoryx_refsource_MANDRAKE

Timeline

Vulnerability published
Feb 12, 2001
Vulnerability Reserved
Feb 1, 2001