Mandrake Linux Security Advisory : gnupg (MDKSA-2006:221)
Medium Nessus Plugin ID 24605
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionBuffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages that cause the make_printable_string function to return a longer string than expected while constructing a prompt.
Updated packages have been patched to correct this issue.
SolutionUpdate the affected gnupg and / or gnupg2 packages.