Search for vulnerabilities
Vulnerability details: VCID-x79s-td6r-aaac
Vulnerability ID VCID-x79s-td6r-aaac
Aliases CVE-2006-3082
Summary parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2006:0571
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.22668 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.23123 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.29408 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
epss 0.74126 https://api.first.org/data/v1/epss?cve=CVE-2006-3082
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1618133
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2006-3082
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/parse-packet.c?rev=4157&r1=4141&r2=4157
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3082.json
https://api.first.org/data/v1/epss?cve=CVE-2006-3082
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
http://seclists.org/lists/fulldisclosure/2006/May/0774.html
http://seclists.org/lists/fulldisclosure/2006/May/0782.html
http://seclists.org/lists/fulldisclosure/2006/May/0789.html
http://secunia.com/advisories/20783
http://secunia.com/advisories/20801
http://secunia.com/advisories/20811
http://secunia.com/advisories/20829
http://secunia.com/advisories/20881
http://secunia.com/advisories/20899
http://secunia.com/advisories/20968
http://secunia.com/advisories/21063
http://secunia.com/advisories/21135
http://secunia.com/advisories/21137
http://secunia.com/advisories/21143
http://secunia.com/advisories/21585
http://securitytracker.com/id?1016519
https://exchange.xforce.ibmcloud.com/vulnerabilities/27245
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.457382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10089
http://support.avaya.com/elmodocs2/security/ASA-2006-167.htm
https://usn.ubuntu.com/304-1/
http://www.debian.org/security/2006/dsa-1107
http://www.debian.org/security/2006/dsa-1115
http://www.mandriva.com/security/advisories?name=MDKSA-2006:110
http://www.novell.com/linux/security/advisories/2006_18_sr.html
http://www.novell.com/linux/security/advisories/2006_38_security.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.010.html
http://www.redhat.com/support/errata/RHSA-2006-0571.html
http://www.securityfocus.com/archive/1/438751/100/0/threaded
http://www.securityfocus.com/bid/18554
http://www.vupen.com/english/advisories/2006/2450
1618133 https://bugzilla.redhat.com/show_bug.cgi?id=1618133
375052 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375052
cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*
CVE-2006-3082 https://nvd.nist.gov/vuln/detail/CVE-2006-3082
CVE-2006-3082;OSVDB-26770 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/28077.txt
CVE-2006-3082;OSVDB-26770 Exploit https://www.securityfocus.com/bid/18554/info
RHSA-2006:0571 https://access.redhat.com/errata/RHSA-2006:0571
Data source Exploit-DB
Date added June 20, 2006
Description GnuPG 1.4.3/1.9.x - Parse_User_ID Remote Buffer Overflow
Ransomware campaign use Known
Source publication date June 20, 2006
Exploit type dos
Platform linux
Source update date Sept. 4, 2013
Source URL https://www.securityfocus.com/bid/18554/info
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-3082
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95379
EPSS Score 0.22668
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.