Lucene search

K

PRIOn knowledge basePRION:CVE-2014-3466

HistoryJun 03, 2014 - 2:55 p.m.

Buffer overflow

2014-06-0314:55:00

PRIOn knowledge base

www.prio-n.com

8

8.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.708 High

EPSS

Percentile

98.0%

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

CPENameOperatorVersion
gnutlseq3.3.1
gnutlseq3.3.0 pre0
gnutlseq3.3.3
gnutlseq3.3.0
gnutlseq3.3.2
gnutlseq3.1.0
gnutlseq3.1.11
gnutlseq3.1.13
gnutlseq3.1.20
gnutlseq3.1.19

Rows per page:

1-10 of 471

References

linux.oracle.com/errata/ELSA-2014-0594.html

linux.oracle.com/errata/ELSA-2014-0595.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html

lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html

radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/

rhn.redhat.com/errata/RHSA-2014-0594.html

rhn.redhat.com/errata/RHSA-2014-0595.html

rhn.redhat.com/errata/RHSA-2014-0684.html

rhn.redhat.com/errata/RHSA-2014-0815.html

secunia.com/advisories/58340

secunia.com/advisories/58598

secunia.com/advisories/58601

secunia.com/advisories/58642

secunia.com/advisories/59016

secunia.com/advisories/59021

secunia.com/advisories/59057

secunia.com/advisories/59086

secunia.com/advisories/59408

secunia.com/advisories/59838

secunia.com/advisories/60384

www-01.ibm.com/support/docview.wss?uid=swg21678776

www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155

www.debian.org/security/2014/dsa-2944

www.gnutls.org/security.html

www.novell.com/support/kb/doc.php?id=7015302

www.novell.com/support/kb/doc.php?id=7015303

www.securityfocus.com/bid/67741

www.securitytracker.com/id/1030314

www.ubuntu.com/usn/USN-2229-1

bugzilla.redhat.com/show_bug.cgi?id=1101932

www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd

8.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.708 High

EPSS

Percentile

98.0%

Related for PRION:CVE-2014-3466

nessus29 osv1 f52 veracode2 redhat4 ubuntucve1 freebsd2 centos2 openvas27 ibm2 debian3 oraclelinux3 thn1 ubuntu1 checkpoint_advisories1 cve1 amazon1 debiancve1 suse7 fedora4 mageia1 gentoo1 securityvulns2 slackware1