• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

GnuPG ElGamal Signing Key Private Key Compromise Vulnerability

GnuPG is prone to a vulnerability in the implementation of ElGamal signing keys that could compromise private keys. The vendor has stated that this vulnerability could be practically exploited to compromise private keys in seconds. This vulnerability was introduced as of version 1.0.2 of GnuPG.