| ID |
CVE-2001-0381
|
| Summary |
The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.6 (as of 11-07-2017 - 01:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| redhat
via4
|
|
| refmap
via4
|
| bid | 2673 | | bugtraq | - 20010319 Have they found a serious PGP vulnerability?!
- 20010320 Yes, they have found a serious PGP vulnerability...sort of
- 20010322 Re: Yes, they have found a serious PGP vulnerability...sort of
| | caldera | CSSA-2001-017.0 | | osvdb | 11966 | | xf | openpgp-private-key-disclosure(6558) |
|
| Last major update |
11-07-2017 - 01:29 |
| Published |
27-06-2001 - 04:00 |
| Last modified |
11-07-2017 - 01:29 |
