Red Hat Bugzilla – Bug 200904
CVE-2006-3746 GnuPG Parse_Comment Remote Buffer Overflow
Last modified: 2007-11-30 17:11:39 EST
Text from Security Focus:
GnuPG is prone to a remote buffer-overflow vulnerability because it fails to
properly bounds-check user-supplied input before copying it to an insufficiently
sized memory buffer.
This issue may allow remote attackers to execute arbitrary machine code in the
context of the affected application, but this has not been confirmed.
GnuPG version 1.4.4 is vulnerable to this issue; previous versions may also be
The following Perl command demonstrates this issue by crashing the affected
perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| /var/gnupg/bin/gpg --no-armor
An update to 1.4.5 hould show up in Raw Hide tomorrow. Packages are also pushed
to FC4/FC5 testing, and will probably be moved to final status tomorrow as well,
at which point we'll close this bug.