Back to search
CVE-2002-1284
Published: Sep 1, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
The wizard in KGPG 0.6 through 0.8.2 does not properly provide the passphrase to gpg when creating new keys, which causes secret keys to be created with an empty passphrase and allows local attackers to steal the keys if they can be read.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
kgpg-wizard-empty-password(10629)
vdb-entry
x_refsource_XF
http://devel-home.kde.org/~kgpg/bug.html
x_refsource_CONFIRM
6152
vdb-entry
x_refsource_BID
20021110 GLSA: kgpg
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now