CVE-2006-0803 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-0803 Interim 1 3 2021-06-09T08:36:23Z current 2021-05-30T12:34:58Z 2021-06-09T08:36:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-0803 The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2006-03/msg00010.html E-Mail link for SUSE-SA:2006:013 https://www.suse.com/support/security/rating/ SUSE Security Ratings The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. CVE-2006-0803 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N