15 matches found
MiracleLinux 4 : gnutls-2.8.5-18.AXS4 (AXSA:2015-329:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-329:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...
Linux Distros Unpatched Vulnerability : CVE-2014-8155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a...
K53330207: GnuTLS vulnerability CVE-2014-8155
Security Advisory Description GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid. CVE-2014-8155 Impact GnuT...
SUSE: Security Advisory (SUSE-SU-2015:0675-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
Oracle: Security Advisory (ELSA-2015-1457)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8155
GnuTLS before 2.9.10 does not verify CA certificate activation/expiration dates, enabling MITM via certificates not yet valid or no longer valid. Affected: GnuTLS library (pre-2.9.10). Mitigation: upgrade to 2.9.10 or later where the issue is fixed (per advisory references). If exploiting details...
Amazon Linux AMI : gnutls (ALAS-2015-575)
It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...
Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20150722)
It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...
Oracle Linux 6 : gnutls (ELSA-2015-1457)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1457 advisory. - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RedHat Update for gnutls RHSA-2015:1457-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 180-1] gnutls26 security update
Package : gnutls26 Version : 2.8.6-1+squeeze5 CVE ID : CVE-2014-8155 CVE-2015-0282 CVE-2015-0294 Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems:...
Ubuntu: Security Advisory (USN-2540-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2540-1: GnuTLS vulnerabilities
It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. CVE-2014-8155 Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could...