Improper Signature Verification in GnuPG Affects Multiple Versions
CVE-2006-0455

Currently unrated

Key Information:

Vendor

Gnu
Status
Privacy Guard
Vendor
CVE Published:
15 February 2006

What is CVE-2006-0455?

GnuPG's gpgv command, used for determining the validity of digital signatures, can mistakenly return a success status even when no valid signature is present in the detached signature file. This oversight occurs during unattended signature verifications and could mislead applications into treating invalid signatures as verified. Affected users are advised to review their usage of gpgv and ensure they are running a secure version of the software to prevent unauthorized actions based on erroneous verification results.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/16663
vdb-entryx_refsource_BID
http://secunia.com/advisories/18956
third-party-advisoryx_refsource_SECUNIA
http://www.trustix.org/errata/2006/0008
vendor-advisoryx_refsource_TRUSTIX

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.