Searching pine pgp software vulnerabilities

Pine before version 3.94 allows local users to

version | before | Pine |

Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.


KMail in KDE 1.0 provides a PGP passphrase as a

information | passphrase | compromise | arguments | argument | programs | provides | process | command | viewing | obtain | local | users | other | KMail | which | allow | could | list | such | line | keys | KDE | via | PGP |

KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.


The command port for PGP Certificate Server 2.5

Certificate | command | Server | port | PGP |

The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000.


The OpenPGP PGP standard allows an attacker to

cryptanalytic | determine | signature | encrypted | attacker | standard | captures | message | OpenPGP | private | alters | signed | single | allows | attack | which | file | PGP | key | via |

The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.


The split key mechanism used by PGP 7.0 allows

authenticate | passphrases | passphrase | capturing | mechanism | setting | holders | allows | "Cache | option | logged | obtain | holder | access | entire | share | other | while | split | used | they | key | on" | PGP |

The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.


Vulnerability in (1) pine before 4.33 and (2) t

Vulnerability |

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.


Network Associates PGP Keyserver 7.0 allows rem

Associates | Keyserver | attackers | Network | service | denial | allows | remote | cause | PGP |

Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.


PGP Security PGPfire 7.1 for Windows alters the

determine | attackers | system's | modifies | messages | Security | packets | running | Windows | PGPfire | system | allows | remote | TCP/IP | alters | stack | error | ICMP | PGP | way |

PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.


Microsoft Outlook plug-in PGP version 7.0, 7.0.

Microsoft | version | plug-in | Outlook | PGP |

Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted message.


Pine 4.2.1 through 4.4.4 puts Unix usernames an

Pine |

Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.


Network Associates PGP 7.0.4 and 7.1 does not t

Associates | Network | PGP |

Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase.


PGP 6.x and 7.x does not clear Windows alternat

information | alternate | sensitive | attackers | attached | supposed | recover | systems | Windows | deleted | streams | allows | which | files | clear | data | does | file | NTFS | PGP | not |

PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.


c-client IMAP Client, as used in imap-2002b and

imap-2002b | c-client | Client | Pine | IMAP | used |

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.


Buffer overflow in PINE before 4.58 allows remo

overflow | before | Buffer | PINE |

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.


Integer signedness error in rfc2231_get_param f

rfc2231_get_param | signedness | stringsc | Integer | before | error | PINE |

Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.


Race condition in rpdump in Pine 4.62 and earli

condition | rpdump | Pine | Race |

Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.


Multiple unspecified vulnerabilities in the G/P

vulnerabilities | unspecified | Multiple | G/PGP |

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.


Multiple unspecified vulnerabilities in the G/P

vulnerabilities | unspecified | Multiple | G/PGP |

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.


The G/PGP (GPG) Plugin 2.0, and 2.1dev before 2

G/PGP |

The G/PGP (GPG) Plugin 2.0, and 2.1dev before Tuesday, September 12, 2006, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter value can be set in the contents of an e-mail message.


PHP local file inclusion vulnerability in gpg_p

gpg_pop_initphp | vulnerability | inclusion | G/PGP | local | file | PHP |

PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before Saturday, July 07, 2007 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter.


Software vulnerabilities results 1 to 20 of 26     
Page: 12