CVE-2006-0049

{"id": "CVE-2006-0049", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-03-13T21:06:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U", "source": "security@debian.org"}, {"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://lists.suse.de/archive/suse-security-announce/2006-Mar/0003.html", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19173", "tags": ["Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19197", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19203", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19231", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19232", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19234", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19244", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19249", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19287", "source": "security@debian.org"}, {"url": "http://secunia.com/advisories/19532", "source": "security@debian.org"}, {"url": "http://securityreason.com/securityalert/450", "source": "security@debian.org"}, {"url": "http://securityreason.com/securityalert/568", "source": "security@debian.org"}, {"url": "http://securitytracker.com/id?1015749", "tags": ["Patch"], "source": "security@debian.org"}, {"url": "http://www.debian.org/security/2006/dsa-993", "tags": ["Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-08.xml", "tags": ["Patch", "Vendor Advisory"], "source": "security@debian.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:055", "source": "security@debian.org"}, {"url": "http://www.osvdb.org/23790", "tags": ["Patch"], "source": "security@debian.org"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00021.html", "source": "security@debian.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2006-0266.html", "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/archive/1/427324/100/0/threaded", "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/archive/1/433931/100/0/threaded", "source": "security@debian.org"}, {"url": "http://www.securityfocus.com/bid/17058", "tags": ["Patch"], "source": "security@debian.org"}, {"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.476477", "source": "security@debian.org"}, {"url": "http://www.trustix.org/errata/2006/0014", "source": "security@debian.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0915", "source": "security@debian.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25184", "source": "security@debian.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10063", "source": "security@debian.org"}, {"url": "https://usn.ubuntu.com/264-1/", "source": "security@debian.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455."}], "lastModified": "2018-10-19T15:42:14.603", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E054978B-8466-4D12-B7DC-7E72CC57F0DE"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38F964B-C5D1-4177-BD31-7AB4083CC431"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DF7811A-B254-4829-AED2-C70BD5C82592"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72ED862B-6278-41ED-9619-115E6552AFBB"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.3b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1869E888-E83C-4A62-AA84-F2C9F2AF12FB"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3D51820-D735-44FC-95BB-A473FFDE9D35"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5FB2C28-0E4D-4AE3-A2CC-0197FE578074"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F2224AF-EA7B-4A3D-8B23-7FC59D66E611"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A2B3B44-941E-4007-B58A-16E85B87CB33"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A642D7-007E-479D-963E-A74AAE195A54"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86144B81-D321-4ECA-937F-FFA8A043FCE4"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A93CAE1-0DFC-43E1-997D-22CDC338D3E8"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.2:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9896332E-819B-4392-B704-B143DBBE90A7"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B641ED5-4326-43E7-BF42-982B44478A05"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76CAFD24-E53F-488C-BD9F-BE31D30828AD"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5D3628A-3BDD-4C6F-AE7D-C81FC3EE1630"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74589745-A9A6-44DB-B4F0-B61B663ECA21"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB2B99CB-5950-42E7-ACD5-38457CBE9095"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D81AF47A-56BA-4D90-A4D4-D7A37333A117"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E55DBB73-EF6C-4C46-9E5A-7C35D7FD190C"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205C014A-236B-44CF-A92D-B4D6392FF9A7"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F412ECF0-DA84-47B8-98FD-06019C9E63E0"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE04D970-A467-4648-B99C-895BA8BEE79B"}, {"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C79DC753-35CB-46FA-BDE4-650BD1730505"}], "operator": "OR"}]}], "sourceIdentifier": "security@debian.org"}