Lucene search
DebianDEBIAN:561B181C4F93C08D3EB04AA3891F89D0:F9725HistoryJun 02, 2014 - 7:50 a.m.
gnutls26 security update
2014-06-0207:50:57
lists.debian.org
8
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.708 High
EPSS
Percentile
98.0%
Package : gnutls26
Version : 2.8.6-1+squeeze4
CVE ID : CVE-2014-3466
Joonas Kuorilehto discovered that GNU TLS performed insufficient
validation of session IDs during TLS/SSL handshakes. A malicious
server could use this to execute arbitrary code or perform denial
or service.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | s390x | libgnutls-openssl27 | < 2.12.20-8+deb7u2 | libgnutls-openssl27_2.12.20-8+deb7u2_s390x.deb |
| Debian | 7 | i386 | libgnutls-dev | < 2.12.20-8+deb7u2 | libgnutls-dev_2.12.20-8+deb7u2_i386.deb |
| Debian | 7 | sparc | libgnutlsxx27 | < 2.12.20-8+deb7u2 | libgnutlsxx27_2.12.20-8+deb7u2_sparc.deb |
| Debian | 7 | amd64 | libgnutlsxx27 | < 2.12.20-8+deb7u2 | libgnutlsxx27_2.12.20-8+deb7u2_amd64.deb |
| Debian | 6 | all | gnutls-doc | < 2.8.6-1+squeeze4 | gnutls-doc_2.8.6-1+squeeze4_all.deb |
| Debian | 7 | armel | gnutls-bin | < 3.0.22-3+really2.12.20-8+deb7u2 | gnutls-bin_3.0.22-3+really2.12.20-8+deb7u2_armel.deb |
| Debian | 7 | s390 | libgnutls26-dbg | < 2.12.20-8+deb7u2 | libgnutls26-dbg_2.12.20-8+deb7u2_s390.deb |
| Debian | 6 | amd64 | guile-gnutls | < 2.8.6-1+squeeze4 | guile-gnutls_2.8.6-1+squeeze4_amd64.deb |
| Debian | 7 | armhf | libgnutls-openssl27 | < 2.12.20-8+deb7u2 | libgnutls-openssl27_2.12.20-8+deb7u2_armhf.deb |
| Debian | 7 | powerpc | libgnutlsxx27 | < 2.12.20-8+deb7u2 | libgnutlsxx27_2.12.20-8+deb7u2_powerpc.deb |
Related
nessus
nessus
RHEL 6 : gnutls (RHSA-2014:0595)
2014-06-04 00:00:00
FreeBSD : gnutls -- client-side memory corruption (027af74d-eb56-11e3-9032-000c2980a9f3)
2014-06-04 00:00:00
Ubuntu 14.04 LTS : GnuTLS vulnerability (USN-2229-1)
2014-06-03 00:00:00
osv
osv
gnutls26 - security update
2014-06-01 00:00:00
f5
f5
K15345 : GnuTLS vulnerability CVE-2014-3466
2014-10-17 00:00:00
SOL15345 - GnuTLS vulnerability CVE-2014-3466
2014-06-19 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:52:35
Denial Of Service (DoS)
2019-05-02 05:03:32
redhat
redhat
(RHSA-2014:0595) Important: gnutls security update
2014-06-03 00:00:00
(RHSA-2014:0684) Important: gnutls security update
2014-06-10 00:00:00
(RHSA-2014:0594) Important: gnutls security update
2014-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2014-3466
2014-06-01 00:00:00
freebsd
freebsd
gnutls -- client-side memory corruption
2014-05-14 00:00:00
gnutls -- client-side memory corruption
2014-05-14 00:00:00
centos
centos
gnutls security update
2014-06-04 09:21:48
gnutls security update
2014-06-04 09:31:23
openvas
openvas
RedHat Update for gnutls RHSA-2014:0595-01
2014-06-09 00:00:00
Ubuntu: Security Advisory (USN-2229-1)
2014-06-09 00:00:00
CentOS Update for gnutls CESA-2014:0595 centos6
2014-06-09 00:00:00
oraclelinux
oraclelinux
gnutls security update
2014-06-03 00:00:00
gnutls security update
2014-07-23 00:00:00
gnutls security update
2014-06-03 00:00:00
thn
thn
Critical GnuTLS Flaw Leaves SSL Clients Vulnerable to Remote Code Execution
2014-06-04 02:15:00
prion
prion
Buffer overflow
2014-06-03 14:55:00
ubuntu
ubuntu
GnuTLS vulnerability
2014-06-02 00:00:00
checkpoint_advisories
checkpoint_advisories
GnuTLS Server Hello Session ID Heap Buffer Overflow (CVE-2014-3466)
2014-06-08 00:00:00
debian
debian
gnutls26 security update
2014-06-02 07:51:19
[SECURITY] [DSA 2944-1] gnutls26 security update
2014-06-01 08:38:52
cve
cve
CVE-2014-3466
2014-06-03 14:55:00
amazon
amazon
Important: gnutls
2014-06-05 15:38:00
debiancve
debiancve
CVE-2014-3466
2014-06-03 14:55:00
suse
suse
gnutls: Fixed possible memory corruption and NULL pointer dereference (important)
2014-06-06 11:04:14
gnutls: Fixed possible memory corruption (important)
2014-06-06 12:23:49
Security update for gnutls (important)
2014-06-05 03:04:15
fedora
fedora
[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.25-1.fc20
2014-06-10 03:11:44
[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.25-1.fc19
2014-06-10 03:08:23
[SECURITY] Fedora 20 Update: gnutls-3.1.25-1.fc20
2014-06-04 07:53:52
mageia
mageia
Updated gnutls packages fix CVE-2104-3465-6
2014-06-02 22:47:21
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2014-06-13 00:00:00
securityvulns
securityvulns
GnuTLS and libtasn1 multiple security vulnerabilities
2014-06-02 00:00:00
[oss-security] GnuTLS and libtasn1 security fixes
2014-06-02 00:00:00
slackware
slackware
[slackware-security] gnutls
2014-06-06 05:26:16
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.708 High
EPSS
Percentile
98.0%
Related for DEBIAN:561B181C4F93C08D3EB04AA3891F89D0:F9725