RHEL 8 : gnutls (RHSA-2024:0155)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0155 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

Ubuntu: Security Advisory (USN-6499-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6499-2 gnutls28 vulnerability

USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recove...

USN-6499-2: GnuTLS vulnerability

USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recove...

Medium: gnutls

Issue Overview: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext processing is affected. CVE-2023-5981 Affected Packages: gnutls Issue Correction:...

Ubuntu 18.04 ESM : GnuTLS vulnerability (USN-6499-2)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6499-2 advisory. USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding description...

Medium: gnutls

Issue Overview: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext processing is affected. CVE-2023-5981 Affected Packages: gnutls Issue Correction:...

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-463)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-463 advisory. A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. Only TLS ciphertext...

Moderate Photon OS Security Update - PHSA-2024-4.0-0537

Updates of 'gnutls' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2024-5.0-0182

Updates of 'shadow', 'gnutls' packages of Photon OS have been released...

SUSE SLES15 Security Update : gnutls (SUSE-SU-2023:4986-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4986-1 advisory. - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gnutls (SUSE-SU-2023:4983-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4983-1 advisory. - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange...

SUSE: Security Advisory (SUSE-SU-2023:4986-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4986-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277...

SUSE-SU-2023:4983-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277...

Moderate Photon OS Security Update - PHSA-2023-3.0-0705

Updates of 'gnutls', 'shadow', 'openssh' packages of Photon OS have been released...

NewStart CGSL MAIN 6.06 : gnutls Multiple Vulnerabilities (NS-SA-2023-0100)

The remote NewStart CGSL host, running version MAIN 6.06, has gnutls packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with...

SUSE: Security Advisory (SUSE-SU-2023:4952-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : gnutls (SUSE-SU-2023:4952-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4952-1 advisory. - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be...

SUSE-SU-2023:4952-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange bsc1208143. - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277...