Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes GnuPG Multiple Command Execution Vulnerabilities

Title : Fedora Security Update Fixes GnuPG Multiple Command Execution Vulnerabilities
VUPEN ID : VUPEN/ADV-2006-4891
CVE ID : CVE-2006-6169 - CVE-2006-6235
Rated as : Critical 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-12-07

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

Fedora has released security updates to address two vulnerabilities identified in GnuPG. These flaws could be exploited by attackers to cause a denial of service or execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4881 - VUPEN/ADV-2006-4772

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

c626ce84e9d2dc39c863efbbdf879330d5fe74fb SRPMS/gnupg-1.4.6-2.src.rpm
c626ce84e9d2dc39c863efbbdf879330d5fe74fb noarch/gnupg-1.4.6-2.src.rpm
682cbd00aabbb225d748bdb237fde51b3ef25b06 ppc/gnupg-1.4.6-2.ppc.rpm
ebbeef080fff37991929bc6d727dad8dec0287dc ppc/debug/gnupg-debuginfo-1.4.6-2.ppc.rpm
a8e6cfd56037a585d9d4f4a745e17be59bcab206 x86_64/gnupg-1.4.6-2.x86_64.rpm
786c668d1c45a02f73af311832e70d0cae81c738 x86_64/debug/gnupg-debuginfo-1.4.6-2.x86_64.rpm
1e442eca4432f340c53ccca22b620c009b8aae08 i386/gnupg-1.4.6-2.i386.rpm
e99717a999fb025e2d4635351a7618c51613b4f0 i386/debug/gnupg-debuginfo-1.4.6-2.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

e6df1f232aa07d279b9b9df1c044e685755e029b SRPMS/gnupg-1.4.6-1.src.rpm
e6df1f232aa07d279b9b9df1c044e685755e029b noarch/gnupg-1.4.6-1.src.rpm
ddb7e4721214d3f8af73452da0c2cedf8423bb72 ppc/gnupg-1.4.6-1.ppc.rpm
5a7274273ae7d6d70f79cc3c1fab98f4ee3d07de ppc/debug/gnupg-debuginfo-1.4.6-1.ppc.rpm
e8f243e6d7ba813a9143f07dcd65ee8e7f10d0e0 x86_64/debug/gnupg-debuginfo-1.4.6-1.x86_64.rpm
13e9453ace40d61347f9959ef92cec320480cae5 x86_64/gnupg-1.4.6-1.x86_64.rpm
b9fd4cbdf7bb420798826a291cd4158ea01c4d5e i386/gnupg-1.4.6-1.i386.rpm
3fd12518890d1a58058db2c256e4d1c6f39349eb i386/debug/gnupg-debuginfo-1.4.6-1.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4891
https://www.redhat.com/archives/fedora-package-announce/2006-December/msg00039.html
https://www.redhat.com/archives/fedora-package-announce/2006-December/msg00040.html

ChangeLog

2006-12-07 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy