{"result": {"cve": [{"id": "CVE-2014-0092", "type": "cve", "title": "CVE-2014-0092", "description": "lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.", "published": "2014-03-06T19:10:53", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0092", "cvelist": ["CVE-2014-0092"], "lastseen": "2017-04-18T15:54:21"}], "f5": [{"id": "SOL15160", "type": "f5", "title": "SOL15160 - GnuTLS vulnerability CVE-2014-0092", "description": "Recommended action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nFor affected ARX systems, F5 recommends that you expose the management interface only on trusted networks.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2014-04-10T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15160.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:22:54"}], "nessus": [{"id": "OPENSUSE-2014-181.NASL", "type": "nessus", "title": "openSUSE Security Update : gnutls (openSUSE-SU-2014:0325-1)", "description": "The gnutls library was updated to fixed x509 certificate validation problems, where man-in-the-middle attackers could hijack SSL connections.\n\nThis update also reenables Elliptic Curve support to meet current day cryptographic requirements.", "published": "2014-06-13T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75274", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:25:29"}, {"id": "DEBIAN_DSA-2869.NASL", "type": "nessus", "title": "Debian DSA-2869-1 : gnutls26 - incorrect certificate verification", "description": "Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported sucessfully even in cases were an error would prevent all verification steps to be performed.\n\nAn attacker doing a man-in-the-middle of a TLS connection could use this vulnerability to present a carefully crafted certificate that would be accepted by GnuTLS as valid even if not signed by one of the trusted authorities.", "published": "2014-03-04T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72782", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:24:09"}, {"id": "CENTOS_RHSA-2014-0246.NASL", "type": "nessus", "title": "CentOS 6 : gnutls (CESA-2014:0246)", "description": "Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS).\n\nIt was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nThe CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted.", "published": "2014-03-05T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72803", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:26:15"}, {"id": "OPENSUSE-2014-183.NASL", "type": "nessus", "title": "openSUSE Security Update : gnutls (openSUSE-SU-2014:0328-1)", "description": "The gnutls library was updated to fix SSL certificate validation.\nRemote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not.", "published": "2014-06-13T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75276", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:25:26"}, {"id": "ORACLELINUX_ELSA-2014-0246.NASL", "type": "nessus", "title": "Oracle Linux 6 : gnutls (ELSA-2014-0246)", "description": "From Red Hat Security Advisory 2014:0246 :\n\nUpdated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS).\n\nIt was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nThe CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted.", "published": "2014-03-04T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72791", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:26:31"}, {"id": "REDHAT-RHSA-2014-0288.NASL", "type": "nessus", "title": "RHEL 5 / 6 : gnutls (RHSA-2014:0288)", "description": "Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.3, 5.6 and 6.2 Long Life, and Red Hat Enterprise Linux 5.9, 6.3 and 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS).\n\nIt was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nThis issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted.", "published": "2014-11-08T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=79001", "cvelist": ["CVE-2014-0092"], "lastseen": "2017-01-06T22:13:06"}, {"id": "FEDORA_2014-3454.NASL", "type": "nessus", "title": "Fedora 20 : mingw-gnutls-3.1.22-1.fc20 (2014-3454)", "description": "Version 3.1.22 (released 2014-03-03)\n\n - libgnutls: Corrected certificate verification issue (GNUTLS-SA-2014-2)\n\n - libgnutls: Corrected issue in gnutls_pcert_list_import_x509_raw when provided with invalid data. Reported by Dmitriy Anisimkov.\n\n - libgnutls: Corrected timeout issue in subsequent to the first DTLS handshakes.\n\n - libgnutls: Removed unconditional not-trusted message in gnutls_certificate_verification_status_print() when used with OpenPGP certificates. Reported by Michel Briand.\n\n - libgnutls: All ciphersuites that were available in TLS1.0 or later are now made available in SSL3.0 or later to prevent any incompatibilities with servers that negotiate them in SSL 3.0.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-03-17T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73036", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:26:28"}, {"id": "SL_20140303_GNUTLS_ON_SL6_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : gnutls on SL6.x i386/x86_64", "description": "It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nFor the update to take effect, all applications linked to the GnuTLS library must be restarted.", "published": "2014-03-04T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72796", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:25:57"}, {"id": "FEDORA_2014-3363.NASL", "type": "nessus", "title": "Fedora 19 : gnutls-3.1.20-4.fc19 (2014-3363)", "description": "fixes CVE-2014-0092\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-03-07T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72868", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:24:11"}, {"id": "SOLARIS11_GNUTLS_20140915.NASL", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : gnutls (cve_2014_0092_cryptographic_issues)", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. (CVE-2014-0092)", "published": "2015-01-19T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80631", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T17:23:38"}], "suse": [{"id": "OPENSUSE-SU-2014:0325-1", "type": "suse", "title": "gnutls: fixed SSL certificate validation problems (critical)", "description": "The gnutls library was updated to fixed x509 certificate\n validation problems, where man-in-the-middle attackers\n could hijack SSL connections.\n\n This update also reenables Elliptic Curve support to meet\n current day cryptographic requirements.\n\n", "published": "2014-03-05T08:04:11", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00006.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-04T12:38:06"}, {"id": "SUSE-SU-2014:0324-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n", "published": "2014-03-04T18:04:13", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00005.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-04T12:23:22"}, {"id": "OPENSUSE-SU-2014:0328-1", "type": "suse", "title": "gnutls: fixed SSL certificate validation (critical)", "description": "The gnutls library was updated to fix SSL certificate\n validation. Remote man-in-the-middle attackers were able to\n make the verification believe that a SSL certificate is\n valid even though it was not.\n\n", "published": "2014-03-05T19:04:13", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00007.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-04T12:32:46"}, {"id": "SUSE-SU-2014:0321-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n", "published": "2014-03-04T01:06:51", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00002.html", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-09-04T11:55:38"}, {"id": "OPENSUSE-SU-2014:0346-1", "type": "suse", "title": "gnutls (critical)", "description": "The gnutls library was updated to fix SSL certificate\n validation. Remote man-in-the-middle attackers were able to\n make the verification believe that a SSL certificate is\n valid even though it was not. Also the TLS-CBC timing\n attack vulnerability was fixed.\n\n", "published": "2014-03-08T19:04:13", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00009.html", "cvelist": ["CVE-2013-1619", "CVE-2014-0092"], "lastseen": "2016-09-04T11:35:13"}, {"id": "SUSE-SU-2014:0323-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n\n Additionally, a memory leak in PSK authentication was\n fixed. bnc#835760\n\n Security Issues:\n\n * CVE-2014-0092\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092</a>\n >\n\n", "published": "2014-03-04T01:08:22", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00004.html", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-09-04T12:33:55"}, {"id": "SUSE-SU-2014:0445-1", "type": "suse", "title": "Security update for gnutls (important)", "description": "The GNUTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n\n Additionally, a memory leak in PSK authentication was\n fixed. (bnc#835760)\n\n Security Issues references:\n\n * CVE-2014-0092\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092</a>\n >\n * CVE-2009-5138\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138</a>\n >\n\n", "published": "2014-03-25T19:04:38", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00020.html", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-09-04T12:43:04"}, {"id": "SUSE-SU-2014:0319-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n\n Additionally a memory leak in PSK authentication has been\n fixed (bnc#835760).\n", "published": "2014-03-04T01:04:17", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-09-04T12:01:48"}, {"id": "SUSE-SU-2014:0322-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n * CVE-2013-2116: The _gnutls_ciphertext2compressed\n function in lib/gnutls_cipher.c in GnuTLS allowed remote\n attackers to cause a denial of service (buffer over-read\n and crash) via a crafted padding length.\n * CVE-2013-1619: Timing attacks against hashing of\n padding was fixed which might have allowed disclosure of\n keys. (Lucky13 attack).\n\n Also the following non-security bugs have been fixed:\n\n * gnutls doesn't like root CAs without Basic\n Constraints. Permit V1 Certificate Authorities properly\n (bnc#760265)\n * memory leak in PSK authentication (bnc#835760)\n", "published": "2014-03-04T01:07:15", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html", "cvelist": ["CVE-2013-1619", "CVE-2009-5138", "CVE-2014-0092", "CVE-2013-2116"], "lastseen": "2016-09-04T12:09:51"}, {"id": "SUSE-SU-2014:0320-1", "type": "suse", "title": "Security update for gnutls (critical)", "description": "The GnuTLS library received a critical security fix and\n other updates:\n\n * CVE-2014-0092: The X.509 certificate verification had\n incorrect error handling, which could lead to broken\n certificates marked as being valid.\n * CVE-2009-5138: A verification problem in handling V1\n certificates could also lead to V1 certificates incorrectly\n being handled.\n * CVE-2013-2116: The _gnutls_ciphertext2compressed\n function in lib/gnutls_cipher.c in GnuTLS allowed remote\n attackers to cause a denial of service (buffer over-read\n and crash) via a crafted padding length.\n * CVE-2013-1619: The TLS implementation in GnuTLS did\n not properly consider timing side-channel attacks on a\n noncompliant MAC check operation during the processing of\n malformed CBC padding, which allows remote attackers to\n conduct distinguishing attacks and plaintext-recovery\n attacks via statistical analysis of timing data for crafted\n packets, a related issue to CVE-2013-0169. (Lucky13)\n * CVE-2012-1569: The asn1_get_length_der function in\n decoding.c in GNU Libtasn1 , as used in GnuTLS did not\n properly handle certain large length values, which allowed\n remote attackers to cause a denial of service (heap memory\n corruption and application crash) or possibly have\n unspecified other impact via a crafted ASN.1 structure.\n * CVE-2012-1573: gnutls_cipher.c in libgnutls in GnuTLS\n did not properly handle data encrypted with a block cipher,\n which allowed remote attackers to cause a denial of service\n (heap memory corruption and application crash) via a\n crafted record, as demonstrated by a crafted\n GenericBlockCipher structure.\n * CVE-2012-0390: The DTLS implementation in GnuTLS\n executed certain error-handling code only if there is a\n specific relationship between a padding length and the\n ciphertext size, which made it easier for remote attackers\n to recover partial plaintext via a timing side-channel\n attack, a related issue to CVE-2011-4108.\n\n Also some non security bugs have been fixed:\n\n * Did some more s390x size_t vs int fixes. (bnc#536809,\n bnc#659128)\n * re-enabled "legacy negotiation" (bnc#554084)\n * fix safe-renegotiation for sle10sp3 and sle10sp4 bug\n (bnc#554084)\n * fix bug bnc#536809, fix gnutls-cli to abort\n connection after detecting a bad certificate\n", "published": "2014-03-04T01:04:52", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html", "cvelist": ["CVE-2011-4108", "CVE-2013-0169", "CVE-2013-1619", "CVE-2009-5138", "CVE-2014-0092", "CVE-2012-0390", "CVE-2012-1569", "CVE-2012-1573", "CVE-2013-2116"], "lastseen": "2016-09-04T12:38:49"}], "debian": [{"id": "DSA-2869", "type": "debian", "title": "gnutls26 -- incorrect certificate verification", "description": "Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported sucessfully even in cases were an error would prevent all verification steps to be performed.\n\nAn attacker doing a man-in-the-middle of a TLS connection could use this vulnerability to present a carefully crafted certificate that would be accepted by GnuTLS as valid even if not signed by one of the trusted authorities.\n\nFor the oldstable distribution (squeeze), this problem has been fixed in version 2.8.6-1+squeeze3.\n\nFor the stable distribution (wheezy), this problem has been fixed in version 2.12.20-8+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in version 2.12.23-13.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.12.23-13.\n\nWe recommend that you upgrade your gnutls26 packages.", "published": "2014-03-03T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://www.debian.org/security/dsa-2869", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-02T18:30:43"}], "amazon": [{"id": "ALAS-2014-301", "type": "amazon", "title": "Important: gnutls", "description": "**Issue Overview:**\n\nIt was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. ([CVE-2014-0092 __](<https://access.redhat.com/security/cve/CVE-2014-0092>))\n\n \n**Affected Packages:** \n\n\ngnutls\n\n \n**Issue Correction:** \nRun _yum update gnutls_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n gnutls-guile-2.8.5-13.11.amzn1.i686 \n gnutls-utils-2.8.5-13.11.amzn1.i686 \n gnutls-devel-2.8.5-13.11.amzn1.i686 \n gnutls-2.8.5-13.11.amzn1.i686 \n gnutls-debuginfo-2.8.5-13.11.amzn1.i686 \n \n src: \n gnutls-2.8.5-13.11.amzn1.src \n \n x86_64: \n gnutls-2.8.5-13.11.amzn1.x86_64 \n gnutls-devel-2.8.5-13.11.amzn1.x86_64 \n gnutls-debuginfo-2.8.5-13.11.amzn1.x86_64 \n gnutls-guile-2.8.5-13.11.amzn1.x86_64 \n gnutls-utils-2.8.5-13.11.amzn1.x86_64 \n \n \n", "published": "2014-03-06T14:58:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://alas.aws.amazon.com/ALAS-2014-301.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-28T21:03:57"}], "openvas": [{"id": "OPENVAS:702869", "type": "openvas", "title": "Debian Security Advisory DSA 2869-1 (gnutls26 - incorrect certificate verification)", "description": "Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate\nverification issue in GnuTLS, an SSL/TLS library. A certificate\nvalidation could be reported successfully even in cases were an error\nwould prevent all verification steps to be performed.\n\nAn attacker doing a man-in-the-middle of a TLS connection could use this\nvulnerability to present a carefully crafted certificate that would be\naccepted by GnuTLS as valid even if not signed by one of the trusted\nauthorities.", "published": "2014-03-03T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=702869", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:04"}, {"id": "OPENVAS:850574", "type": "openvas", "title": "SuSE Update for gnutls openSUSE-SU-2014:0328-1 (gnutls)", "description": "Check for the Version of gnutls", "published": "2014-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=850574", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:13"}, {"id": "OPENVAS:850575", "type": "openvas", "title": "SuSE Update for gnutls openSUSE-SU-2014:0325-1 (gnutls)", "description": "Check for the Version of gnutls", "published": "2014-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=850575", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:11"}, {"id": "OPENVAS:841746", "type": "openvas", "title": "Ubuntu Update for gnutls26 USN-2127-1", "description": "Check for the Version of gnutls26", "published": "2014-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841746", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:18"}, {"id": "OPENVAS:120522", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2014-301", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=120522", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-11-16T16:46:21"}, {"id": "OPENVAS:881893", "type": "openvas", "title": "CentOS Update for gnutls CESA-2014:0246 centos6 ", "description": "Check for the Version of gnutls", "published": "2014-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881893", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:04"}, {"id": "OPENVAS:871132", "type": "openvas", "title": "RedHat Update for gnutls RHSA-2014:0246-01", "description": "Check for the Version of gnutls", "published": "2014-03-04T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=871132", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-26T20:42:06"}, {"id": "OPENVAS:867604", "type": "openvas", "title": "Fedora Update for mingw-gnutls FEDORA-2014-3454", "description": "Check for the Version of mingw-gnutls", "published": "2014-03-17T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=867604", "cvelist": ["CVE-2014-0092", "CVE-2014-1959"], "lastseen": "2016-09-26T20:42:15"}, {"id": "OPENVAS:851009", "type": "openvas", "title": "SuSE Update for gnutls SUSE-SU-2014:0323-1 (gnutls)", "description": "Check the version of gnutls", "published": "2015-10-16T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=851009", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2017-06-07T07:53:42"}, {"id": "OPENVAS:867573", "type": "openvas", "title": "Fedora Update for gnutls FEDORA-2014-3413", "description": "Check for the Version of gnutls", "published": "2014-03-12T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=867573", "cvelist": ["CVE-2014-0092", "CVE-2014-1959"], "lastseen": "2016-09-26T20:42:08"}], "redhat": [{"id": "RHSA-2014:0246", "type": "redhat", "title": "(RHSA-2014:0246) Important: gnutls security update", "description": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nIt was discovered that GnuTLS did not correctly handle certain errors that\ncould occur during the verification of an X.509 certificate, causing it to\nincorrectly report a successful verification. An attacker could use this\nflaw to create a specially crafted certificate that could be accepted by\nGnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nThe CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the\nRed Hat Security Technologies Team.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncorrect this issue. For the update to take effect, all applications linked\nto the GnuTLS library must be restarted.\n", "published": "2014-03-03T05:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2014:0246", "cvelist": ["CVE-2014-0092"], "lastseen": "2017-03-10T07:18:42"}, {"id": "RHSA-2014:0247", "type": "redhat", "title": "(RHSA-2014:0247) Important: gnutls security update", "description": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS).\n\nIt was discovered that GnuTLS did not correctly handle certain errors that\ncould occur during the verification of an X.509 certificate, causing it to\nincorrectly report a successful verification. An attacker could use this\nflaw to create a specially crafted certificate that could be accepted by\nGnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nA flaw was found in the way GnuTLS handled version 1 X.509 certificates.\nAn attacker able to obtain a version 1 certificate from a trusted\ncertificate authority could use this flaw to issue certificates for other\nsites that would be accepted by GnuTLS as valid. (CVE-2009-5138)\n\nThe CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the\nRed Hat Security Technologies Team.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncorrect these issues. For the update to take effect, all applications\nlinked to the GnuTLS library must be restarted.\n", "published": "2014-03-03T05:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2014:0247", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-09-04T11:17:45"}, {"id": "RHSA-2014:0339", "type": "redhat", "title": "(RHSA-2014:0339) Important: rhev-hypervisor6 security update", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was discovered that GnuTLS did not correctly handle certain errors that\ncould occur during the verification of an X.509 certificate, causing it to\nincorrectly report a successful verification. An attacker could use this\nflaw to create a specially crafted certificate that could be accepted by\nGnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092)\n\nA flaw was found in the way the get_rx_bufs() function in the vhost_net\nimplementation in the Linux kernel handled error conditions reported by the\nvhost_get_vq_desc() function. A privileged guest user could use this flaw\nto crash the host. (CVE-2014-0055)\n\nA heap-based buffer overflow flaw was found in the Linux kernel's cdc-wdm\ndriver, used for USB CDC WCM device management. An attacker with physical\naccess to a system could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2013-1860)\n\nThe CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the\nRed Hat Security Technologies Team.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2014-0101, and CVE-2014-0069 (kernel issues)\n\nCVE-2010-2596, CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232,\nCVE-2013-4243, and CVE-2013-4244 (libtiff issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "published": "2014-03-31T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2014:0339", "cvelist": ["CVE-2013-4232", "CVE-2013-1960", "CVE-2013-1860", "CVE-2010-2596", "CVE-2013-4243", "CVE-2013-1961", "CVE-2014-0092", "CVE-2014-0055", "CVE-2013-4244", "CVE-2013-4231", "CVE-2014-0101", "CVE-2014-0069"], "lastseen": "2017-03-03T19:18:19"}], "slackware": [{"id": "SSA-2014-062-01", "type": "slackware", "title": "gnutls", "description": "New gnutls packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/gnutls-3.1.22-i486-1_slack14.1.txz: Upgraded.\n Fixed a security issue where a specially crafted certificate could\n bypass certificate validation checks.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092\n (* Security fix *)\n\nThanks to mancha for backporting the patch for Slackware 13.0, 13.1, 13.37, and 14.0!\n\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/gnutls-2.8.4-i486-3_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/gnutls-2.8.4-x86_64-3_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/gnutls-2.8.6-i486-3_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/gnutls-2.8.6-x86_64-3_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/gnutls-2.10.5-i486-3_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/gnutls-2.10.5-x86_64-3_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnutls-3.0.31-i486-3_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnutls-3.0.31-x86_64-3_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnutls-3.1.22-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnutls-3.1.22-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-3.1.22-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnutls-3.1.22-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n20c1c57f2f807e0a825fea258e393247 gnutls-2.8.4-i486-3_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n053267a6b918756369d9d9b95182f7a9 gnutls-2.8.4-x86_64-3_slack13.0.txz\n\nSlackware 13.1 package:\n412c5bcc3cf65fc57cc117459be3e2fe gnutls-2.8.6-i486-3_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n58b0d65ecd1c457fb484cc98c7cbb327 gnutls-2.8.6-x86_64-3_slack13.1.txz\n\nSlackware 13.37 package:\nbf93e57188e4bf8b3f4978507c035847 gnutls-2.10.5-i486-3_slack13.37.txz\n\nSlackware x86_64 13.37 package:\ne8975f0e48d3f15687fbf407db6d9740 gnutls-2.10.5-x86_64-3_slack13.37.txz\n\nSlackware 14.0 package:\nb6b4b1f1756cc7857ddb430c8c52cbb0 gnutls-3.0.31-i486-3_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd4de153fe1a64c1d1291e0242489957d gnutls-3.0.31-x86_64-3_slack14.0.txz\n\nSlackware 14.1 package:\na91ba05b256cceff004ae2cdc08e3239 gnutls-3.1.22-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n8a372d2d52292805ffa59cc8825f47b3 gnutls-3.1.22-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n86da62d25631d150279d3b0df8ce13af n/gnutls-3.1.22-i486-1.txz\n\nSlackware x86_64 -current package:\nb91ff54d6a6109ce24669c5cdb0ffc86 n/gnutls-3.1.22-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gnutls-3.1.22-i486-1_slack14.1.txz", "published": "2014-03-03T16:43:33", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.507575", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-09-07T19:54:36"}], "centos": [{"id": "CESA-2014:0246", "type": "centos", "title": "gnutls security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:0246\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-March/020185.html\n\n**Affected packages:**\ngnutls\ngnutls-devel\ngnutls-guile\ngnutls-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0246.html", "published": "2014-03-04T21:00:04", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-March/020185.html", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-12-05T20:02:52"}, {"id": "CESA-2014:0247", "type": "centos", "title": "gnutls security update", "description": "**CentOS Errata and Security Advisory** CESA-2014:0247\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-March/020183.html\n\n**Affected packages:**\ngnutls\ngnutls-devel\ngnutls-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0247.html", "published": "2014-03-04T20:51:10", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2014-March/020183.html", "cvelist": ["CVE-2009-5138", "CVE-2014-0092"], "lastseen": "2016-12-05T19:58:44"}], "ics": [{"id": "ICSA-14-135-03A", "type": "ics", "title": "Siemens RuggedCom ROX-based Devices Certificate Verification Vulnerability (Update A)", "description": "## OVERVIEW\n\nThis updated advisory is a follow-up to the original advisory titled ICSA-14-135-03 Siemens RuggedCom ROX-Based Devices Certificate Verification Vulnerability that was published May 15, 2014, on the NCCIC/ICS-CERT web site.\n\nSiemens has reported to ICS-CERT an incorrect certificate verification in RuggedCom ROX\u2011based devices. Siemens is working on a firmware update for the affected products.\n\nThis vulnerability could be exploited remotely.\n\n## AFFECTED PRODUCTS\n\nThe following Siemens RuggedCom ROX-based devices are affected:\n\n### **\\--------- Begin Update A Part 1 of 2 --------**\n\n * ROX 1 prior to Version 1.16.1,\n * ROX 2 prior to Version 2.6\n\n### **\\--------- End Update A Part 1 of 2 ----------**\n\n## IMPACT\n\nIn RuggedCom ROX-based devices, GnuTLS is used for client certificate verification. Because GnuTLS is vulnerable to an incorrect error handling issue within this function, an attacker would be able to perform man-in-the-middle attacks.\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nSiemens is an international company headquartered in Munich, Germany. Siemens develops products mainly in the energy, healthcare and public health sectors, and transportation systems.\n\nThe affected products, RuggedCom switches and serial-to-Ethernet devices, are used to connect devices that operate in harsh environments such as electric utility substations and traffic control cabinets.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### CRYPTOGRAPHIC ISSUESa\n\nROX-based RuggedCom devices use GnuTLS libraries to enable secure communication. GnuTLS suffers from incorrect error handling in certificate verification, which could allow man\u2011in-the-middle attacks, and this may affect multiple services in these devices.\n\nThe following client-side services use GnuTLS libraries:\n\n * Secure Syslog (only affects ROX Version 1.16)\n * Software upgrades with HTTPS-based connections. Nonsecure connections are not affected. (Only affects ROX Versions 2.4 and 2.5)\n * FTPS (only affects ROX versions from v2.2 through v2.5 inclusive)\n\nCVE-2014-0092b has been assigned to this vulnerability. A CVSS v2 base score of 5.8 has been assigned; the CVSS vector string is (AV:N/AC:M/Au:N/C:P/I:P/A:N).c\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nNo known public exploits specifically target this vulnerability.\n\n#### DIFFICULTY\n\nAn attacker with a moderate skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\n### **\\--------- Begin Update A Part 2 of 2 --------**\n\nSiemens has developed firmware update V2.6.0 for ROX 2 and V1.16.1 for ROX 1, which fixes the vulnerability. It can be obtained from Siemens from either of the following methods:\n\n * Submit a support request online:\n * <http://www.siemens.com/automation/support-request>\n * Call a local hotline center:\n * <http://www.automation.siemens.com/mcms/aspa-db/en/automation-technology/Pages/default.aspx>\n\n### **\\--------- End Update A Part 2 of 2 ----------**\n\nFor more information please see Siemens advisory SSA-839231 on this subject at its web site:\n\n<http://www.siemens.com/cert/advisories>\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at: <http://ics-cert.us-cert.gov/content/recommended-practices>. Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.](<http://ics-cert.us-cert.gov/sites/default/files/recommended_practices/Defense_in_Depth_Oct09.pdf>) ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B>), that is available for download from the ICS-CERT web site (<http://ics-cert.us-cert.gov/>).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\n * a. CWE-310: Cryptographic Issues, <http://cwe.mitre.org/data/definitions/310.html>, web site last accessed May 15, 2014.\n * b. NVD, <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0092>, web site last accessed May 15, 2014.\n * c. CVSS Calculator, [http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:M/Au:N/C:P/I:P/A:N](<http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:M/Au:N/C:P/I:P/A:N>), web site last visited May 15, 2014.\n", "published": "2014-10-16T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://ics-cert.us-cert.gov//advisories/ICSA-14-135-03A", "cvelist": ["CVE-2014-0092"], "lastseen": "2016-11-09T00:12:26"}], "ubuntu": [{"id": "USN-2127-1", "type": "ubuntu", "title": "GnuTLS vulnerability", "description": "Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly handled \ncertificate verification functions. If a remote attacker were able to \nperform a man-in-the-middle attack, this flaw could be exploited with \nspecially crafted certificates to view sensitive information.", "published": "2014-03-04T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.ubuntu.com/usn/usn-2127-1", "cvelist": ["CVE-2014-0092"], "lastseen": "2017-05-01T08:28:26"}], "freebsd": [{"id": "F645AA90-A3E8-11E3-A422-3C970E169BC2", "type": "freebsd", "title": "gnutls -- multiple certificate verification issues", "description": "\nGnuTLS project reports:\n\nA vulnerability was discovered that affects the\n\t certificate verification functions of all gnutls\n\t versions. A specially crafted certificate could\n\t bypass certificate validation checks. The\n\t vulnerability was discovered during an audit of\n\t GnuTLS for Red Hat.\n\n\nSuman Jana reported a vulnerability that affects\n\t the certificate verification functions of\n\t gnutls 2.11.5 and later versions. A version 1\n\t intermediate certificate will be considered as\n\t a CA certificate by default (something that\n\t deviates from the documented behavior).\n\n", "published": "2014-03-03T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://vuxml.freebsd.org/freebsd/f645aa90-a3e8-11e3-a422-3c970e169bc2.html", "cvelist": ["CVE-2014-0092", "CVE-2014-1959"], "lastseen": "2016-09-26T17:24:26"}], "oraclelinux": [{"id": "ELSA-2014-0246", "type": "oraclelinux", "title": "gnutls security update", "description": "[2.8.5-13]\n- fix CVE-2014-0092 (#1069890)\n[2.8.5-12]\n- fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619\n upstream patch (#966754)\n[2.8.5-11]\n- fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)", "published": "2014-03-03T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-0246.html", "cvelist": ["CVE-2013-1619", "CVE-2014-0092", "CVE-2013-2116"], "lastseen": "2016-09-04T11:15:57"}, {"id": "ELSA-2014-0247", "type": "oraclelinux", "title": "gnutls security update", "description": "[1.4.1-14]\n- Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch\n- Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch\n[1.4.1-13]\n- fix issues of CVE-2014-0092 (#1069888)\n[1.4.1-12]\n- fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619\n upstream patch (#966754)\n[1.4.1-11]\n- fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)", "published": "2014-03-03T00:00:00", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2014-0247.html", "cvelist": ["CVE-2013-1619", "CVE-2009-5138", "CVE-2014-0092", "CVE-2014-5138", "CVE-2013-2116"], "lastseen": "2017-06-22T16:15:42"}], "gentoo": [{"id": "GLSA-201406-09", "type": "gentoo", "title": "GnuTLS: Multiple vulnerabilities", "description": "### Background\n\nGnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. \n\n### Description\n\nMultiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could utilize multiple vectors to spoof arbitrary SSL servers via a crafted certificate, execute arbitrary code or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GnuTLS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/gnutls-2.12.23-r6\"", "published": "2014-06-13T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201406-09", "cvelist": ["CVE-2014-3466", "CVE-2014-3465", "CVE-2014-0092", "CVE-2014-1959"], "lastseen": "2016-09-06T19:47:04"}]}}