
pgpdump: denial of service

Package(s): pgpdump
CVE #(s): CVE-2016-4021
Created: April 25, 2016
Updated: January 2, 2017
Description: From the Arch Linux advisory:

When pgpdump is run on specially crafted input, a denial of service condition occurs. The program runs with 100% CPU usage for an indefinite amount of time. This can be abused in scenarios where users can supply input to pgpdump, e.g. in http://www.pgpdump.net/.

A remote attacker is able to create a specially crafted input that is leading to CPU resource consumption resulting in denial of service.

Alerts:
Fedora FEDORA-2016-6fd7a31d36 pgpdump 2016-05-10
Fedora FEDORA-2016-5733ad20f5 pgpdump 2016-05-10
Debian-LTS DLA-768-1 pgpdump 2016-12-30
Arch Linux ASA-201605-1 imlib2 2016-05-04
Mageia MGASA-2016-0157 pgpdump 2016-04-29
Arch Linux ASA-201604-11 pgpdump 2016-04-23
