CVE-2006-0455

Currently unrated

Key Information:

Vendor: Gnu
Status: Privacy Guard
Vendor: CVE Published:; 15 February 2006

Summary

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".

References

http://www.securityfocus.com/bid/16663

vdb-entryx_refsource_BID

http://secunia.com/advisories/18956

third-party-advisoryx_refsource_SECUNIA

http://www.trustix.org/errata/2006/0008

vendor-advisoryx_refsource_TRUSTIX

Timeline

Vulnerability published
Feb 15, 2006
Vulnerability Reserved
Jan 27, 2006