Lucene search
F5F5:K15637HistoryOct 16, 2014 - 12:00 a.m.
K15637 : GnuTLS vulnerability CVE-2013-2116
2014-10-1600:00:00
my.f5.com
29
Security Advisory Description
The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. (CVE-2013-2116)
Impact
None. No F5 products are affected by this vulnerability.
Note: F5 Product Development has determined that BIG-IP, BIG-IQ, and Enterprise Manager versions ship with vulnerable GnuTLS code. However, the vulnerable code is not used as a server or to make outgoing connections, and is not exploitable.
Related
cvelist
cvelist
nvd
nvd
nessus
nessus
F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)
2014-10-10 00:00:00
Oracle Solaris Third-Party Patch Update : gnutls (cve_2013_1619_cryptographic_issues)
2015-01-19 00:00:00
SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 8616)
2013-06-21 00:00:00
ubuntucve
ubuntucve
cve
cve
f5
f5
SOL15637 - GnuTLS vulnerability CVE-2013-2116
2014-10-06 00:00:00
K14190 : TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2015-04-30 00:00:00
SOL14190 - TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2013-02-08 00:00:00
prion
prion
Design/Logic Flaw
2013-07-03 18:55:00
Design/Logic Flaw
2013-02-08 19:55:00
Design/Logic Flaw
2013-02-08 19:55:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:54:18
Timing Attacks
2017-02-10 05:59:15
Timing Side- Channel Attack
2019-01-15 08:52:54
openvas
openvas
Ubuntu Update for gnutls26 USN-1843-1
2013-05-31 00:00:00
Fedora Update for gnutls FEDORA-2013-9792
2013-06-13 00:00:00
Fedora Update for gnutls FEDORA-2013-9799
2013-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: gnutls-2.12.23-2.fc18
2013-06-11 09:08:17
[SECURITY] Fedora 17 Update: gnutls-2.12.23-2.fc17
2013-06-11 09:19:26
[SECURITY] Fedora 17 Update: mingw-gnutls-2.12.23-2.fc17
2013-06-11 09:10:43
securityvulns
securityvulns
[ MDVSA-2013:171 ] gnutls
2013-06-03 00:00:00
gnutls DoS
2013-06-03 00:00:00
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Decoding Out-of-bounds Memory Access (CVE-2013-2116)
2013-08-25 00:00:00
ubuntu
ubuntu
GnuTLS vulnerability
2013-05-29 00:00:00
debian
debian
[SECURITY] [DSA 2697-1] gnutls26 security update
2013-05-29 19:59:26
suse
suse
Security update for GnuTLS (important)
2013-07-04 22:04:13
Security update for GnuTLS (important)
2013-06-20 22:04:17
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
2013-03-01 18:04:30
ibm
ibm
Security Bulletin: Potential security vulnerabilities in WebSphere Partner Gateway Express for the Oracle CPU April 2013.
2022-09-25 21:06:56
Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-0169)
2018-06-17 04:48:04
Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-0169)
2018-06-17 04:47:31
openssl
openssl
Vulnerability in OpenSSL CVE-2013-0169
2013-02-04 00:00:00
Vulnerability in OpenSSL CVE-2016-2107
2016-05-03 00:00:00
slackware
slackware
openssl
2013-02-11 23:49:59
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
hackerone
hackerone
Legal Robot: LUCKY13 (CVE-2013-0169) effects legalrobot.com
2017-07-30 20:00:47
pentestpartners
pentestpartners
Vulnerabilities that (mostly) aren’t: LUCKY13
2024-05-03 05:12:27
debiancve
debiancve
centos
centos
gnutls security update
2013-05-30 18:50:13
java security update
2013-02-20 20:11:32
oraclelinux
oraclelinux
gnutls security update
2013-05-30 00:00:00
java-1.6.0-openjdk security update
2013-02-20 00:00:00
java-1.6.0-openjdk security update
2013-02-20 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2013-10-28 00:00:00
amazon
amazon
Important: gnutls
2013-06-11 22:44:00
Important: java-1.6.0-openjdk
2013-03-02 16:50:00
Critical: openssl
2014-04-07 17:26:00
redhat
redhat
(RHSA-2013:0883) Important: gnutls security update
2013-05-30 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
osv
osv
Improper Input Validation in Bouncy Castle
2022-05-14 02:14:04
CVE-2016-2107
2016-05-05 01:59:00
openssl - several vulnerabilities
2013-02-13 00:00:00
freebsd
freebsd
FreeBSD -- OpenSSL multiple vulnerabilities
2013-04-02 00:00:00