117 matches found
DEBIAN-CVE-2017-7869
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdkpktread function in opencdk/read-packet.c. This issue which is a subset of the vendor's GNUTLS-SA-2017-3 report is fixed in 3.5.10...
gnutls: Stack overflow in cdk_pk_get_keyid
Stack-based buffer overflow in the cdkpkgetkeyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...
Multiple Buffer Overflow Vulnerabilities in GnuTLS
GnuTLS is a free secure communications library for implementing SSL, TLS and DTLS protocols. A buffer overflow-based vulnerability exists in GnuTLS that could be exploited by a remote attacker to submit a specially crafted request to crash an application linking to this library...
USN-2913-4: GnuTLS update
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update...
UBUNTU-CVE-2015-8313
GnuTLS incorrectly validates the first byte of padding in CBC modes...
DEBIAN-CVE-2015-3308
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
gnutls: gnutls_x509_dn_oid_name NULL pointer dereference
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
DEBIAN-CVE-2014-3466
Buffer overflow in the readserverhello function in lib/gnutlshandshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service memory corruption or possibly execute arbitrary code via a long session id in a ServerHello message...
USN-2229-1 gnutls26 vulnerability
Joonas Kuorilehto discovered that GnuTLS incorrectly handled Server Hello messages. A malicious remote server or a machine-in-the-middle could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code...
DLA-0001-1 gnutls26 - security update
Bulletin has no description...
[SECURITY] [DSA 2944-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2944-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 01, 2014 http://www.debian.org/security/faq -...
DSA-2944-1 gnutls26 - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2944-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2013-4466
Buffer overflow in the danequerytlsa function in the DANE library libdane in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service memory corruption via a response with more than four DANE entries...
Fedora Update for libtasn1 FEDORA-2012-4342
Check for the Version of libtasn1 OpenVAS Vulnerability Test Fedora Update for libtasn1 FEDORA-2012-4342 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
DEBIAN-CVE-2012-0390
The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
Fedora 11 : cups-1.4.2-7.fc11 (2009-10891)
Updated to 1.4.2 including XSS security fix CVE-2009-2820. Fixed improper reference counting in abstract file descriptors handling interface CVE-2009-3553. Fixed admin.cgi crash when modifying a class. Fix cups-lpd to create unique temporary data files. Pass through serial parameters correctly in...
TLS: MITM attacks via session renegotiation
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...
deprecate MD2 in SSL cert validation (Kaminsky)
The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...