Vulnerabilities > CVE-2001-0381 - Unspecified vulnerability in PGP Openpgp

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

pgp

NVD

Published: 2001-06-27

Updated: 2017-07-11

Summary

The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.

Vulnerable Configurations

Part	Description	Count
Application	Pgp PGP Openpgp *	1

Redhat

advisories

rhsa

id	RHSA-2001:063

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-017.0.txt
http://archives.neohapsis.com/archives/bugtraq/2001-03/0252.html
http://archives.neohapsis.com/archives/bugtraq/2001-03/0274.html
http://archives.neohapsis.com/archives/bugtraq/2001-03/0311.html
http://www.osvdb.org/11966
http://www.redhat.com/support/errata/RHSA-2001-063.html
http://www.securityfocus.com/bid/2673
https://exchange.xforce.ibmcloud.com/vulnerabilities/6558