Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2441-1:79B66
HistoryMar 25, 2012 - 6:53 p.m.

[SECURITY] [DSA 2441-1] gnutls26 security update

2012-03-2518:53:32
lists.debian.org
13

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.956 High

EPSS

Percentile

99.4%

JSON

Debian Security Advisory DSA-2441-1 [email protected]
http://www.debian.org/security/ Florian Weimer
March 25, 2012 http://www.debian.org/security/faq

Package : gnutls26
Vulnerability : missing bounds check
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-1573

Matthew Hall discovered that GNUTLS does not properly handle truncated
GenericBlockCipher structures nested inside TLS records, leading to
crashes in applications using the GNUTLS library.

For the stable distribution (squeeze), this problem has been fixed in
version 2.8.6-1+squeeze2.

For the unstable distribution (sid), this problem has been fixed in
version 2.12.18-1 of the gnutls26 package and version 3.0.17-2 of the
gnutls28 package.

We recommend that you upgrade your gnutls26 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6amd64libgnutls26-dbg< 2.8.6-1+squeeze2libgnutls26-dbg_2.8.6-1+squeeze2_amd64.deb
Debian6i386libgnutls26-dbg< 2.8.6-1+squeeze2libgnutls26-dbg_2.8.6-1+squeeze2_i386.deb
Debian6ia64libgnutls-dev< 2.8.6-1+squeeze2libgnutls-dev_2.8.6-1+squeeze2_ia64.deb
Debian6mipselguile-gnutls< 2.8.6-1+squeeze2guile-gnutls_2.8.6-1+squeeze2_mipsel.deb
Debian6armelguile-gnutls< 2.8.6-1+squeeze2guile-gnutls_2.8.6-1+squeeze2_armel.deb
Debian6mipslibgnutls26< 2.8.6-1+squeeze2libgnutls26_2.8.6-1+squeeze2_mips.deb
Debian6kfreebsd-amd64guile-gnutls< 2.8.6-1+squeeze2guile-gnutls_2.8.6-1+squeeze2_kfreebsd-amd64.deb
Debian6mipslibgnutls-dev< 2.8.6-1+squeeze2libgnutls-dev_2.8.6-1+squeeze2_mips.deb
Debian6ia64libgnutls26-dbg< 2.8.6-1+squeeze2libgnutls26-dbg_2.8.6-1+squeeze2_ia64.deb
Debian6allgnutls26< 2.8.6-1+squeeze2gnutls26_2.8.6-1+squeeze2_all.deb
Rows per page:
1-10 of 571

Related

fedora 4
nessus 25
prion 1
cve 1
openvas 27
debiancve 1
freebsd 1
checkpoint_advisories 1
veracode 1
ubuntucve 1
oraclelinux 2
centos 2
redhat 4
amazon 1
ubuntu 1
gentoo 1
slackware 1
suse 1
vmware 2
fedora
fedora
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 17:54:06
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 03:57:43
[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15
2012-04-11 03:49:48
nessus
nessus
Mandriva Linux Security Advisory : gnutls (MDVSA-2012:040)
2012-03-28 00:00:00
Oracle Solaris Third-Party Patch Update : gnutls (cve_2012_1573_denial_of)
2015-01-19 00:00:00
Fedora 16 : gnutls-2.12.14-2.fc16 (2012-4578)
2012-03-26 00:00:00
prion
prion
Memory corruption
2012-03-26 19:55:00
cve
cve
CVE-2012-1573
2012-03-26 19:55:00
openvas
openvas
Mandriva Update for gnutls MDVSA-2012:040 (gnutls)
2012-08-03 00:00:00
FreeBSD Ports: gnutls
2012-04-30 00:00:00
Debian Security Advisory DSA 2441-1 (gnutls26)
2012-04-30 00:00:00
debiancve
debiancve
CVE-2012-1573
2012-03-26 19:55:00
freebsd
freebsd
gnutls -- possible overflow/Denial of service vulnerabilities
2012-03-20 00:00:00
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow (CVE-2012-1573)
2012-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:12:39
ubuntucve
ubuntucve
CVE-2012-1573
2012-03-26 00:00:00
oraclelinux
oraclelinux
gnutls security update
2012-03-28 00:00:00
gnutls security update
2012-03-27 00:00:00
centos
centos
gnutls security update
2012-03-28 01:12:42
gnutls security update
2012-03-28 00:49:15
redhat
redhat
(RHSA-2012:0429) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0428) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0488) Important: rhev-hypervisor5 security and bug fix update
2012-04-17 00:00:00
amazon
amazon
Important: gnutls
2012-04-05 12:47:00
ubuntu
ubuntu
GnuTLS vulnerabilities
2012-04-05 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2012-06-23 00:00:00
slackware
slackware
[slackware-security] gnutls
2013-10-15 00:18:30
suse
suse
Security update for gnutls (critical)
2014-03-04 01:04:52
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.956 High

EPSS

Percentile

99.4%

JSON
Related for DEBIAN:DSA-2441-1:79B66
fedora4nessus25prion1cve1openvas27debiancve1freebsd1checkpoint_advisories1veracode1ubuntucve1oraclelinux2centos2redhat4amazon1ubuntu1gentoo1slackware1suse1vmware2