CVE-2006-5111 - Dull Straighteners

Description

The libksba library 0.9.12 and possibly other versions as used by gpgsm in the newpg package on SUSE LINUX allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.

Reference

http://www.novell.com/linux/download/updates/101_x86_64.html http://www.novell.com/linux/security/advisories/2006_23_sr.html http://www.ubuntu.com/usn/usn-365-1 http://secunia.com/advisories/22423 http://secunia.com/advisories/22473 http://www.securityfocus.com/bid/20565 http://secunia.com/advisories/22445 http://www.mandriva.com/security/advisories?name=MDKSA-2006:183 https://exchange.xforce.ibmcloud.com/vulnerabilities/29621