Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2003-176: gnupg Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the gnupg packages

Detailed Explanation for this Vulnerability Test

Updated gnupg packages are now available which correct a bug in the GnuPG
key validation functions.

The GNU Privacy Guard (GnuPG) is a utility for encrypting data and
creating digital signatures.

When evaluating trust values for the UIDs assigned to a given key,
GnuPG versions earlier than 1.2.2 would incorrectly associate the trust
value of the UID having the highest trust value with every UID assigned to
this key. This would prevent an expected warning message from being

All users are advised to upgrade to these errata packages which include an
update to GnuPG 1.0.7 containing patches from the GnuPG
development team to correct this issue.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.