exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2018-12020

Status Candidate

Overview

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.

Related Files

Ubuntu Security Notice USN-3964-1
Posted May 2, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3964-1 - Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. It was discovered that python-gnupg incorrectly handled the GPG passphrase. A remote attacker could send a specially crafted passphrase that would allow them to control the output of encryption and decryption operations. Various other issues were also addressed.

tags | advisory, remote, spoof, python
systems | linux, ubuntu
advisories | CVE-2018-12020, CVE-2019-6690
SHA-256 | 4032858588d1e2658d61e5efd5e46c841d62a00dde590953eebf108edf5c4102
Johnny You Are Fired
Posted May 1, 2019
Authored by Juraj Somorovsky, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Hanno Bock, Jens Muller, Marcus Brinkmann

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

tags | exploit, paper, spoof, proof of concept
advisories | CVE-2017-17848, CVE-2018-12019, CVE-2018-12020, CVE-2018-12356, CVE-2018-12556, CVE-2018-15586, CVE-2018-15587, CVE-2018-15588, CVE-2018-18509, CVE-2019-8338
SHA-256 | 3356c7f94ef68ddc7268602c64a93e10fbaff874992374b51f89d7cf87f71a0c
Red Hat Security Advisory 2018-2181-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2181-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
SHA-256 | 52028cf1f6db5944f1b973c2d1be9658dbc142764c48fc8560d6d3b5e94951da
Red Hat Security Advisory 2018-2180-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2180-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-12020
SHA-256 | 2f2fc656a581e7a0b0a806028dac8470629fd42649f68fd5af9f7580518b6aeb
Slackware Security Advisory - gnupg Updates
Posted Jun 20, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12020
SHA-256 | 527978ed4a1118975c628678ef407d626092edebb007c69f960a688a6649e7af
Ubuntu Security Notice USN-3675-3
Posted Jun 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-3 - USN-3675-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-12020
SHA-256 | 9587c69c7756e324145670c1fa02e480461438c991a57a910589e604dd2916be
Ubuntu Security Notice USN-3675-2
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-2 - USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-12020
SHA-256 | 0897462e75854fb4e6baef305d59332291756546f6848648d42df67f1e8ed263
Ubuntu Security Notice USN-3675-1
Posted Jun 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-1 - Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Lance Vick discovered that GnuPG did not enforce configurations where key certification required an offline master Certify key. An attacker with access to a signing subkey could generate certifications that appeared to be valid. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-12020, CVE-2018-9234
SHA-256 | 3766e8329e34b63027e4f5cf9a8633afd662c34ab0ba403d391cd6bb6a60ae4b
Debian Security Advisory 4223-1
Posted Jun 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4223-1 - Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.

tags | advisory
systems | linux, debian
advisories | CVE-2018-12020
SHA-256 | f6ea747cbddc7efc3cb94834162fc04efbb679102e473cbef039c62688a32712
Debian Security Advisory 4222-1
Posted Jun 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4222-1 - Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.

tags | advisory
systems | linux, debian
advisories | CVE-2018-12020
SHA-256 | 6a19749f3da79b8b886406716d726e163566861df974152823ddc17394f42d0b
Slackware Security Advisory - gnupg2 Updates
Posted Jun 8, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg2 packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and - -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-12020
SHA-256 | d310e76a0921a6cc2ee16f19d8f8b391df2cb4899707346d543830d25c927438
Debian Security Advisory 4224-1
Posted Jun 8, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4224-1 - Marcus Brinkmann discovered that GnuGPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.

tags | advisory
systems | linux, debian
advisories | CVE-2018-12020
SHA-256 | 48ffa2083ce23edda66107d7e98133264aff4c0af7aaa1febaa827798b766e31
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close