Required CVE Record Information
Description
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors.
References 9 Total
- openwall.com: [oss-security] 20120808 Re: CVE Request: gnome-keyring: improper caching of gpg password/passphrase mailing-list
- http://git.gnome.org/browse/gnome-keyring/commit/?id=51606f299e5ee9d48096db0a5957efe26cbf7cc3
- openwall.com: [oss-security] 20120809 CVE Request: gnome-keyring: improper caching of gpg password/passphrase mailing-list
- http://git.gnome.org/browse/gnome-keyring/commit/?id=5dff623470b859e332dbe12afb0dc57b292832d2
- https://bugzilla.gnome.org/show_bug.cgi?id=681081
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683655
- lists.opensuse.org: openSUSE-SU-2012:1121 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=845426
- mandriva.com: MDVSA-2013:084 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- openwall.com: [oss-security] 20120808 Re: CVE Request: gnome-keyring: improper caching of gpg password/passphrase mailing-listx_transferred
- http://git.gnome.org/browse/gnome-keyring/commit/?id=51606f299e5ee9d48096db0a5957efe26cbf7cc3 x_transferred
- openwall.com: [oss-security] 20120809 CVE Request: gnome-keyring: improper caching of gpg password/passphrase mailing-listx_transferred
- http://git.gnome.org/browse/gnome-keyring/commit/?id=5dff623470b859e332dbe12afb0dc57b292832d2 x_transferred
- https://bugzilla.gnome.org/show_bug.cgi?id=681081 x_transferred
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683655 x_transferred
- lists.opensuse.org: openSUSE-SU-2012:1121 vendor-advisoryx_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=845426 x_transferred
- mandriva.com: MDVSA-2013:084 vendor-advisoryx_transferred