Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GnuPG外部HKP格式串处理漏洞
Vulnerability Description
GNU Privacy Guard (GnuPG)是一款开放源代码的加密程序。 GnuPG在使用外部HKP工具时对参数输入缺少充分过滤,远程攻击者可以利用这个漏洞进行格式串攻击,可能破坏内存信息,以GnuPG进程权限在系统上执行任意指令。 GnuPG包含外部HKP接口,默认在1.2 stable版本中不启用,不过可以通过使用'--enable-external-hkp'配置选项激活,不过在1.3的版本中,外部HKP接口是默认开启。当外部HKP接口使用时,GnuPG会使用'gpgkeys_hkp'工具对密钥
CVSS Information
N/A
Vulnerability Type
N/A