CVE-2005-0366

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.

Weakness

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

Affected Software

Name	Vendor	Start Version	End Version
Gnupg	Gnupg	*	1.4.1 (excluding)
Gnupg	Ubuntu	dapper	*
Gnupg	Ubuntu	devel	*
Gnupg	Ubuntu	edgy	*
Gnupg	Ubuntu	feisty	*

Potential Mitigations

https://cwe.mitre.org/data/definitions/112.html
https://cwe.mitre.org/data/definitions/192.html
https://cwe.mitre.org/data/definitions/20.html

References

http://eprint.iacr.org/2005/033
http://eprint.iacr.org/2005/033.pdf
http://securitytracker.com/id?1013166
http://www.gentoo.org/security/en/glsa/glsa-200503-29.xml
http://www.kb.cert.org/vuls/id/303094
http://www.mandriva.com/security/advisories?name=MDKSA-2005:057
http://www.novell.com/linux/security/advisories/2005_07_sr.html
http://www.osvdb.org/13775
http://www.pgp.com/library/ctocorner/openpgp.html
http://www.securityfocus.com/bid/12529

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0366
CWE	https://cwe.mitre.org/data/definitions/326.html

Inadequate Encryption Strength

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References