CVE Vulnerabilities

CVE-2006-0803

Published: Feb 23, 2006 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

Affected Software

Name Vendor Start Version End Version
Suse_linux Novell 10.0 10.0
Suse_linux Suse 9.3 9.3

References