CVE-2005-2023 - The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly hand

CVE-2005-2023

Summary

The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail.

References

http://lists.gnupg.org/pipermail/gpa-dev/2005-June/002291.html
http://lists.gnupg.org/pipermail/gpa-dev/2005-June/002294.html
http://www.novell.com/linux/security/advisories/2005_16_sr.html
https://lists.gnupg.org/pipermail/gpa-dev/2005-May/002284.html

Vulnerable Configurations

cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 20-12-2016 - 02:59)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

mlist	[gpa-dev] 20050531 S/MIME signing fails on a SUSE 9.3 system [gpa-dev] 20050603 Re: S/MIME signing fails on a SUSE 9.3 system
suse	SUSE-SR:2005:016

Last major update

20-12-2016 - 02:59

Published

17-06-2005 - 04:00

Last modified

20-12-2016 - 02:59