SigSpoof
   HOME

TheInfoList



Click Here for Items Related To - SigSpoof
OR:
SigSpoof on:   [Wikipedia]   [Google]   [Amazon]

SigSpoof () is a family of
security vulnerabilities Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by ...
that affected the software package
GNU Privacy Guard GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable ...
("GnuPG") since version 0.2.2, that was released in 1998. Several other software packages that make use of GnuPG were also affected, such as
Pass Pass, PASS, The Pass or Passed may refer to: Places * Pass, County Meath, a townland in Ireland * Pass, Poland, a village in Poland * Pass, an alternate term for a number of straits: see List of straits * Mountain pass, a lower place in a moun ...
and
Enigmail Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and the Postbox that provides OpenPGP public key e-mail encryption and signing. Enigmail works under Microsoft Windows, Unix-like, and Mac OS X operating systems. Enigm ...
. In un-
patch Patch or Patches may refer to: Arts, entertainment and media * Patch Johnson, a fictional character from ''Days of Our Lives'' * Patch (''My Little Pony''), a toy * "Patches" (Dickey Lee song), 1962 * "Patches" (Chairmen of the Board song) ...
ed versions of affected software, SigSpoof attacks allow
cryptographic signature A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...
s to be convincingly spoofed, under certain circumstances. This potentially enables a wide range of subsidiary attacks to succeed.


References

Vulnerability Computer security exploits {{computer-security-stub