Home page logo
/

bugtraq logo Bugtraq mailing list archives

Security update: [CSSA-2001-17.0] gnupg - private key retrieval vulnerability
From: Caldera Support Information <sup-info () opus caldera com>
Date: Thu, 17 May 2001 11:53:16 -0600


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
                   Caldera Systems, Inc.  Security Advisory

Subject:                gnupg - private key retrieval vulnerability
Advisory number:        CSSA-2001-017.0
Issue date:             2001 May, 15
Cross reference:
______________________________________________________________________________


1. Problem Description

   Researchers from ICZ, a Czech information security company, have
   discovered a vulnerability in the secret key handling of GnuPG.
   Certain manipulations of the victim's secret key ring can result
   in the disclosure of the private key when signing messages.

   This requires the attacker to have write access to the secret key
   ring of the victim, which usually would also allow him to just
   modify the gpg binary or install snooping software, so the attack
   itself is more of theoretical nature.

   The technical background for this attack is explained in
   * http://www.i.cz/pdf/pgp/OpenPGP_attack_CZ.pdf (czech version)
   * http://www.icz.cz/en/pdf/openPGP_attack_ENGvktr.pdf (english
   * version)

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux 2.3                All packages previous to
                                gnupg-1.0.5-3

   OpenLinux eServer 2.3.1      All packages previous to
   and OpenLinux eBuilder       gnupg-1.0.5-3

   OpenLinux eDesktop 2.4       All packages previous to
                                gnupg-1.0.5-3

3. Solution

   Workaround

      none

   The proper solution is to upgrade to the latest packages.

4. OpenLinux 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       084b2a3e1a352630a68108d47f09c286  RPMS/gnupg-1.0.5-3.i386.rpm
       0335e8b1b0230ee58ae39c4603ce5d8d  SRPMS/gnupg-1.0.5-3.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fhv gnupg-*.i386.rpm

5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       75b032166b0fb5a389aaf5b2e13f98e6  RPMS/gnupg-1.0.5-3.i386.rpm
       0335e8b1b0230ee58ae39c4603ce5d8d  SRPMS/gnupg-1.0.5-3.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

          rpm -Fvh gnupg-*i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       31c53f76dfe78419b6f1975bad2d89a4  RPMS/gnupg-1.0.5-3.i386.rpm
       0335e8b1b0230ee58ae39c4603ce5d8d  SRPMS/gnupg-1.0.5-3.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

       rpm -Fvh gnupg-*i386.rpm

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 9581.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

9. Acknowledgements:

   Caldera International wishes to thank the ICZ team for spotting this
   problem.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7AmVB18sy83A/qfwRAq59AKCats/5IlvHjPQEnDXGqApSvBvfhACeO3kU
0ZgH1MJp3WwwqvUXPjIrUl8=
=PJMT
-----END PGP SIGNATURE-----



  By Date           By Thread  

Current thread:
  • Security update: [CSSA-2001-17.0] gnupg - private key retrieval vulnerability Caldera Support Information (May 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault