Buffer overflow discovered in GnuPG

November 28, 2006

Werner Koch of the GnuPG project has discovered a buffer overflow in all versions of the GnuPG encryption software. In interactive mode, specially crafted messages may be used to crash the software and potentially execute malicious code.

According to Koch, the vulnerability was introduced back in 1999. The bug is in the make_printable_string function, which is supposed to filter out bad characters and return a string. Unfortunately, the routine copies data into a buffer without allocating enough memory for it.
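The class of bug described above, as an added illustration that is neither GnuPG's code nor Koch's patch: a filter that makes a string printable can produce more output than input, so the buffer has to be sized from the escaped length. The names `escaped_len` and `escape_printable`, the `\xNN` escape format and the sample file name are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* A byte is escaped if it is a control byte, non-ASCII, or a backslash. */
static int needs_escape(unsigned char c)
{
    return c < 0x20 || c >= 0x7f || c == '\\';
}

/* Bytes needed (excluding NUL) once each escaped byte becomes "\xNN". */
size_t escaped_len(const unsigned char *in, size_t n)
{
    size_t need = 0;
    for (size_t i = 0; i < n; i++)
        need += needs_escape(in[i]) ? 4 : 1;
    return need;
}

/* Returns a malloc'd printable copy of in[0..n), or NULL on failure. */
char *escape_printable(const unsigned char *in, size_t n)
{
    if (n > (SIZE_MAX - 1) / 4)          /* worst case 4x: refuse sizes that wrap */
        return NULL;
    size_t need = escaped_len(in, n);
    /* Allocating n + 1 here would be the undersized buffer:
       every escaped byte writes 3 bytes more than were reserved. */
    char *out = malloc(need + 1);
    if (!out)
        return NULL;
    char *p = out;
    for (size_t i = 0; i < n; i++) {
        if (needs_escape(in[i]))
            p += snprintf(p, 5, "\\x%02x", in[i]);   /* 4 chars + NUL */
        else
            *p++ = (char)in[i];
    }
    *p = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample: a file name containing ESC and a newline. */
    const unsigned char name[] = "out\x1b[2J\n.txt";
    char *s = escape_printable(name, sizeof name - 1);
    if (!s) return 1;
    printf("%zu -> %zu bytes: %s\n", sizeof name - 1, strlen(s), s);
    free(s);
    return 0;
}
```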

All GnuPG versions are affected, including the current versions 1.4 and 2.0. Koch provides a source code patch in the bug report so that users who compile GnuPG themselves can correct the problem on their own.
