The SigSpoof is a topic that has captured people's attention over the years. With its impact on society and culture, this topic has generated constant debate and has left a mark on history. From its origin to current trends, SigSpoof has evolved and maintained its relevance in different contexts. In this article we will explore the various facets and perspectives related to SigSpoof, examining its influence in different areas and its role in everyday life.
This article may be too technical for most readers to understand.(September 2018) |
CVE identifier(s) | CVE-2018-12020 |
---|---|
Date discovered | June 2018 |
Discoverer | Marcus Brinkmann |
Affected software | GNU Privacy Guard (GnuPG) from v0.2.2 to v2.2.8. |
SigSpoof (CVE-2018-12020) is a family of security vulnerabilities that affected the software package GNU Privacy Guard ("GnuPG") since version 0.2.2, that was released in 1998. Several other software packages that make use of GnuPG were also affected, such as Pass and Enigmail.
In un-patched versions of affected software, SigSpoof attacks allow cryptographic signatures to be convincingly spoofed, under certain circumstances. This potentially enables a wide range of subsidiary attacks to succeed.