ElGamal Key Reuse Vulnerability in GnuPG (GPG) 1.0.2 - 1.2.3

ElGamal Key Reuse Vulnerability in GnuPG (GPG) 1.0.2 - 1.2.3

CVE-2003-0971 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.

Learn more about our Web Application Penetration Testing UK.