27 matches found
MiracleLinux 4 : gnutls-2.8.5-18.AXS4 (AXSA:2015-329:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-329:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...
Linux Distros Unpatched Vulnerability : CVE-2015-0294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. CVE-2015-0294 Note that Nessus relies on the presence o...
RHEL 7 : gnutls (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: certificate algorithm consistency checking issue CVE-2015-0294 - gnutls: use-after-free flaw in C...
SUSE CVE-2015-0294
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...
SUSE: Security Advisory (SUSE-SU-2015:0675-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-0294
The CVE-2015-0294 entry concerns GnuTLS before 3.3.13, where the library does not validate that the signature algorithms match when importing a certificate. The vulnerability is documented in multiple connected sources (e.g., MiracleLinux AXSA advisory referencing CVE-2015-0294 and vendor advisor...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
Improper Signature Validation
The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...
F5 Networks BIG-IP : GnuTLS vulnerability (K54022413)
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. CVE-2015-0294 Impact GnuTLS does not check if all sections of X.509 certificates indicate the same signature algorithm. This flaw, in combination with a different flaw, can lead to a bypass of...
Mageia: Security Advisory (MGASA-2015-0322)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-1457)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : gnutls (ALAS-2015-575)
It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...
Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20150722)
It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...
OracleVM 3.3 : gnutls (OVMSA-2015-0101)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 - Corrected value initialization in mpi printing 1129241 - Check for expiry information in the CA certificates 1159778 - fix issue with integer...
Oracle Linux 6 : gnutls (ELSA-2015-1457)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1457 advisory. - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 Tenable has extracted the preceding description block directly from the Oracle Linux security...
gnutls security and bug fix update
2.8.5-18 - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 2.8.5-17 - Corrected value initialization in mpi printing 1129241 2.8.5-16 - Check for expiry information in the CA certificates 1159778 2.8.5-15 - fix issue with integer padding in certificates and keys 1036385...
RedHat Update for gnutls RHSA-2015:1457-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11.3 Security Update : GnuTLS (SAT Patch Number 10536)
GnuTLS was updated to fix two security issues : - A certificate algorithm consistency checking issue was fixed, where GnuTLS did not check whether the two signature algorithms match on certificate import. This problem is not deemed to be exploitable currently. CVE-2015-0294 - GNUTLS-SA-2015-1:...
openSUSE Security Update : gnutls (openSUSE-2015-269)
gnutls was updated to fix a security issue : A certificate algorithm consistency checking issue was fixed CVE-2015-0294. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-269. The...
[SECURITY] [DLA 180-1] gnutls26 security update
Package : gnutls26 Version : 2.8.6-1+squeeze5 CVE ID : CVE-2014-8155 CVE-2015-0282 CVE-2015-0294 Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems:...