Threat Level: green Handler on Duty: Chris Mohan

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

GnuPG 1.4.5 released - remote execution possible

Published: 2006-08-01
Last Updated: 2006-08-01 23:40:00 UTC
by Arrigo Triulzi (Version: 1)
0 comment(s)
A new version of GnuPG has been released addressing memory allocation problems.

From the ChangeLog:
 *    Fixed 2 more possible memory allocation attacks.  They are
similar to the problem we fixed with 1.4.4. This bug can easily
be be exploted for a DoS; remote code execution is not entirely
impossible.
At the time of writing this version was still trickling down to mirrors.
Keywords:
0 comment(s)
Diary Archives