CVE-2006-3746
published 2006-07-28CVE-2006-3746: Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
7.08%
93.4th percentile
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gnupg2 | < gnupg2 1.9.20-2 (bookworm) | gnupg2 1.9.20-2 (bookworm) |
| gnupg | gnupg | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
gnupg vulnerability
vendor_ubuntu·2006-08-03
CVE-2006-3746 gnupg vulnerability
Title: gnupg vulnerability
Summary: gnupg vulnerability
Evgeny Legerov discovered that gnupg did not sufficiently check the
validity of the comment and a control field. Specially crafted GPG
data could cause a buffer overflow. This could be exploited to execute
arbitrary code with the user's privileges if an attacker can trick an
user into processing a malicious encrypted/signed document with gnupg.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
GnuPG Parse_Comment Remote Buffer Overflow
vendor_redhat·2006-07-21·CVSS 5.0
CVE-2006-3746 [MEDIUM] GnuPG Parse_Comment Remote Buffer Overflow
GnuPG Parse_Comment Remote Buffer Overflow
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
Debian
CVE-2006-3746: gnupg2 - Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers t...
vendor_debian·2006·CVSS 5.0
CVE-2006-3746 [MEDIUM] CVE-2006-3746: gnupg2 - Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers t...
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
Scope: local
bookworm: resolved (fixed in 1.9.20-2)
bullseye: resolved (fixed in 1.9.20-2)
forky: resolved (fixed in 1.9.20-2)
sid: resolved (fixed in 1.9.20-2)
trixie: resolved (fixed in 1.9.20-2)
GHSA
GHSA-qr6w-8m4j-52r2: Integer overflow in parse_comment in GnuPG (gpg) 1
ghsa_unreviewed·2022-05-03
CVE-2006-3746 [MEDIUM] GHSA-qr6w-8m4j-52r2: Integer overflow in parse_comment in GnuPG (gpg) 1
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
OSV
CVE-2006-3746: Integer overflow in parse_comment in GnuPG (gpg) 1
osv·2006-07-28·CVSS 5.0
CVE-2006-3746 [MEDIUM] CVE-2006-3746: Integer overflow in parse_comment in GnuPG (gpg) 1
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
No detection rules found.
Bugzilla
CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
bugzilla·2006-08-01·CVSS 5.0
CVE-2006-3746 [MEDIUM] CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
Text from Security Focus:
http://www.securityfocus.com/bid/19110/
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to
properly bounds-check user-supplied input before copying it to an insufficiently
sized memory buffer.
This issue may allow remote attackers to execute arbitrary machine code in the
context of the affected application, but this has not been confirmed.
GnuPG version 1.4.4 is vulnerable to this issue; previous versions may also be
affected.
The following Perl command demonstrates this issue by crashing the affected
application:
perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| /var/gnupg/bin/gpg --no-armor
http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html
Discussion:
An u
Bugzilla
CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
bugzilla·2006-07-28·CVSS 5.0
CVE-2006-3746 [MEDIUM] CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
Text from Security Focus:
http://www.securityfocus.com/bid/19110/
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to
properly bounds-check user-supplied input before copying it to an insufficiently
sized memory buffer.
This issue may allow remote attackers to execute arbitrary machine code in the
context of the affected application, but this has not been confirmed.
GnuPG version 1.4.4 is vulnerable to this issue; previous versions may also be
affected.
The following Perl command demonstrates this issue by crashing the affected
application:
perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| /var/gnupg/bin/gpg --no-armor
http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html
Discussion:
An a
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-Phttp://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204%3Bmsg=15%3Batt=1http://issues.rpath.com/browse/RPL-560http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.htmlhttp://lwn.net/Alerts/194228/http://secunia.com/advisories/21297http://secunia.com/advisories/21300http://secunia.com/advisories/21306http://secunia.com/advisories/21326http://secunia.com/advisories/21329http://secunia.com/advisories/21333http://secunia.com/advisories/21346http://secunia.com/advisories/21351http://secunia.com/advisories/21378http://secunia.com/advisories/21467http://secunia.com/advisories/21522http://secunia.com/advisories/21524http://secunia.com/advisories/21598http://security.gentoo.org/glsa/glsa-200608-08.xmlhttp://securitytracker.com/id?1016622http://support.avaya.com/elmodocs2/security/ASA-2006-164.htmhttp://www.debian.org/security/2006/dsa-1140http://www.debian.org/security/2006/dsa-1141http://www.gossamer-threads.com/lists/gnupg/devel/37623http://www.mandriva.com/security/advisories?name=MDKSA-2006:141http://www.novell.com/linux/security/advisories/2006_20_sr.htmlhttp://www.osvdb.org/27664http://www.redhat.com/support/errata/RHSA-2006-0615.htmlhttp://www.securityfocus.com/archive/1/442012/100/0/threadedhttp://www.securityfocus.com/archive/1/442621/100/100/threadedhttp://www.securityfocus.com/bid/19110http://www.ubuntu.com/usn/usn-332-1http://www.vupen.com/english/advisories/2006/3123https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502https://exchange.xforce.ibmcloud.com/vulnerabilities/28220https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11347ftp://patches.sgi.com/support/free/security/advisories/20060801-01-Phttp://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204%3Bmsg=15%3Batt=1http://issues.rpath.com/browse/RPL-560http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.htmlhttp://lwn.net/Alerts/194228/http://secunia.com/advisories/21297http://secunia.com/advisories/21300http://secunia.com/advisories/21306http://secunia.com/advisories/21326http://secunia.com/advisories/21329http://secunia.com/advisories/21333http://secunia.com/advisories/21346http://secunia.com/advisories/21351http://secunia.com/advisories/21378http://secunia.com/advisories/21467http://secunia.com/advisories/21522http://secunia.com/advisories/21524http://secunia.com/advisories/21598http://security.gentoo.org/glsa/glsa-200608-08.xmlhttp://securitytracker.com/id?1016622http://support.avaya.com/elmodocs2/security/ASA-2006-164.htmhttp://www.debian.org/security/2006/dsa-1140http://www.debian.org/security/2006/dsa-1141http://www.gossamer-threads.com/lists/gnupg/devel/37623http://www.mandriva.com/security/advisories?name=MDKSA-2006:141http://www.novell.com/linux/security/advisories/2006_20_sr.htmlhttp://www.osvdb.org/27664http://www.redhat.com/support/errata/RHSA-2006-0615.htmlhttp://www.securityfocus.com/archive/1/442012/100/0/threadedhttp://www.securityfocus.com/archive/1/442621/100/100/threadedhttp://www.securityfocus.com/bid/19110http://www.ubuntu.com/usn/usn-332-1http://www.vupen.com/english/advisories/2006/3123https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502https://exchange.xforce.ibmcloud.com/vulnerabilities/28220https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11347
2006-07-28
Published