Vigil@nce - GnuPG: information disclosure via no-usage-permitted
September 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When a key is tagged as "no-usage-permitted", an attacker can
force GnuPG to use it, in order to obtain sensitive information.
Impacted products: GnuPG
Severity: 1/4
Creation date: 13/09/2013
DESCRIPTION OF THE VULNERABILITY
The RFC 4880 allows each PGP key to have flags indicating the
possible usages for the key.
When a key has no flag, it should not be used. However, GnuPG
interprets this state as meaning that the key can be used for any
usage.
When a key is tagged as "no-usage-permitted", an attacker can
therefore force GnuPG to use it, in order to obtain sensitive
information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/GnuPG-information-disclosure-via-no-usage-permitted-13429