4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
69.1%
The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).
Martin von Gagern discovered a flaw in the way GnuTLS verified certificate
chains provided by a server. A malicious server could use this flaw to
spoof its identity by tricking client applications using the GnuTLS library
to trust invalid certificates. (CVE-2008-4989)
Users of GnuTLS are advised to upgrade to these updated packages, which
contain a backported patch that corrects this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ppc64 | gnutls-devel | <Β 1.4.1-3.el5_2.1 | gnutls-devel-1.4.1-3.el5_2.1.ppc64.rpm |
RedHat | 5 | ia64 | gnutls-devel | <Β 1.4.1-3.el5_2.1 | gnutls-devel-1.4.1-3.el5_2.1.ia64.rpm |
RedHat | 5 | x86_64 | gnutls-utils | <Β 1.4.1-3.el5_2.1 | gnutls-utils-1.4.1-3.el5_2.1.x86_64.rpm |
RedHat | 5 | ppc64 | gnutls | <Β 1.4.1-3.el5_2.1 | gnutls-1.4.1-3.el5_2.1.ppc64.rpm |
RedHat | 5 | i386 | gnutls-devel | <Β 1.4.1-3.el5_2.1 | gnutls-devel-1.4.1-3.el5_2.1.i386.rpm |
RedHat | 5 | ppc | gnutls-devel | <Β 1.4.1-3.el5_2.1 | gnutls-devel-1.4.1-3.el5_2.1.ppc.rpm |
RedHat | 5 | s390x | gnutls | <Β 1.4.1-3.el5_2.1 | gnutls-1.4.1-3.el5_2.1.s390x.rpm |
RedHat | 5 | ppc | gnutls | <Β 1.4.1-3.el5_2.1 | gnutls-1.4.1-3.el5_2.1.ppc.rpm |
RedHat | 5 | x86_64 | gnutls | <Β 1.4.1-3.el5_2.1 | gnutls-1.4.1-3.el5_2.1.x86_64.rpm |
RedHat | 5 | i386 | gnutls-utils | <Β 1.4.1-3.el5_2.1 | gnutls-utils-1.4.1-3.el5_2.1.i386.rpm |