16 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-6251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName DN...
RHEL 7 : gnutls (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gnutls: certificate algorithm consistency checking issue CVE-2015-0294 - gnutls: use-after-free flaw in C...
K17335: GnuTLS vulnerability CVE-2015-6251
Security Advisory Description Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName DN entry in a certificate. CVE-2015-6251 Impact This vulnerability allows disruption of service. Security Adviso...
SUSE CVE-2015-6251
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName DN entry in a certificate...
Slackware: Security Advisory (SSA:2015-233-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1518-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GnuTLS DistinguishedName Decoding Double Free - ver 2 (CVE-2015-6251)
A double-free vulnerability has been reported in GnuTLS. The vulnerability is due to an error within gnutlsx509dntostring while processing very long Distinguished Name values in X.509 certificates. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted certificate ...
Mageia: Security Advisory (MGASA-2015-0322)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SOL17335 - GnuTLS vulnerability CVE-2015-6251
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Ubuntu: Security Advisory (USN-2727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : gnutls (openSUSE-2015-567)
Gnutls was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-6251: Decoding specific certificates with very long DistinguishedName DN entries could have caused a double free, which may have resulted in a Denial of Service GNUTLS-SA-2015-3 %NASLMINLEVEL 70300 C...
Ubuntu 15.04 : gnutls28 vulnerabilities (USN-2727-1)
It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...
USN-2727-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...
Fedora 23 : gnutls-3.4.4-1.fc23 (2015-13287)
new upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
CVE-2015-6251
GnuTLS vulnerability (CVE‑2015‑6251) : A double‑free in the certificate DN decoding path, specifically in _gnutls_x509_dn_to_string(), can be triggered by very long DistinguishedName values in X.509 certificates. Affected versions are before 3.3.17 and 3.4.x before 3.4.4. Impact : remote denial o...
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix security issues. IMPORTANT: On Slackware 14.0, install the new updated nettle package first. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/gnutls-3.3.17.1-i486-1slack14.1.txz: Upgraded. This...