35 matches found
MiracleLinux 4 : gnutls-2.8.5-10.2.0.1.AXS4 (AXSA:2013-469:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-469:02 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...
SUSE: Security Advisory (SUSE-SU-2013:1060-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1060-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0322-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0320-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2013-0883)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.3 : gnutls (OVMSA-2015-0101)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 - Corrected value initialization in mpi printing 1129241 - Check for expiry information in the CA certificates 1159778 - fix issue with integer...
RHEL 6 : rhev-hypervisor6 (RHSA-2013:1076)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:1076 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor...
F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)
The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. C Tenable Network Security, Inc. The...
Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2
March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...
Oracle Linux 5 : gnutls (ELSA-2014-0247)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0247 advisory. - fix issues of CVE-2014-0092 1069888 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 Tenable has extracted the precedi...
gnutls security update
1.4.1-14 - Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch - Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch 1.4.1-13 - fix issues of CVE-2014-0092 1069888 1.4.1-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 1.4.1-11 - fix...
gnutls security update
2.8.5-13 - fix CVE-2014-0092 1069890 2.8.5-12 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 2.8.5-11 - fix CVE-2013-1619 - fix TLS-CBC timing attack 908238...
Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora 18 : mingw-gnutls-2.12.23-2.fc18 (2013-9783)
Fix for CVE-2013-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 17 : mingw-gnutls-2.12.23-2.fc17 (2013-9774)
Fix for CVE-2013-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Oracle Linux 5 / 6 : gnutls (ELSA-2013-0883)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0883 advisory. 2.8.5-10.2 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754 Tenable has extracted the preceding description block directly fr...
CVE-2013-2116
CVE-2013-2116 affects GnuTLS 2.12.23 where the function gnutls_ciphertext2compressed in lib/gnutls_cipher.c can trigger a buffer over-read and crash under a crafted padding length, causing a denial of service. NOTE: this entry is linked to previous CVE-2013-0169 fixes; ALT Linux advisories indica...
CVE-2013-2116
The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...