2 matches found
FreeBSD : gnutls -- 'gnutls_handshake()' Denial of Service (d864a0a7-6f27-11dd-acfe-00104b9e1a4a)
Secunia reports : A vulnerability has been reported in GnuTLS, which can potentially be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to a use-after-free error when an application calls 'gnutlshandshake' for an already valid session and can...
CVE-2008-2377
CVE-2008-2377 is a use-after-free in GNU TLS: the _gnutls_handshake_hash_buffers_clear function in libgnutls (GnuTLS 2.3.5–2.4.0) can allow a remote attacker to crash the service or potentially run arbitrary code during TLS handshakes, due to improper handling of a deallocated libgcrypt handle. A...