Unrated severityNVD Advisory· Published Feb 23, 2006· Updated Apr 16, 2026

CVE-2006-0803

Description

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

Affected products

Novell/Suse Linux
cpe:2.3:o:novell:suse_linux:10.0:*:*:*:*:*:*:*
SUSE S.A./Linux
cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.novell.com/linux/security/advisories/2006_09_gpg.htmlnvdVendor Advisory
www.novell.com/linux/security/advisories/2006_13_gpg.htmlnvd
www.securityfocus.com/bid/16889nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000