4564 matches found
CVE-2018-10845
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...
CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
CVE-2018-10845
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...
CVE-2018-10844
CVE-2018-10844 affects GnuTLS HMAC-SHA-256 and is described in multiple sources (IBM advisories and third‑party feeds) as a Lucky Thirteen–style timing attack enabling distinguishing and plaintext‑recovery via crafted packets. Affected products include IBM Power Hardware Management Console and IB...
CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
CVE-2018-10844
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets...
UBUNTU-CVE-2018-10844
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets...
UBUNTU-CVE-2018-10845
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...
CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
CVE-2018-10845
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...
CVE-2018-10844
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets...
UBUNTU-CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
Photon OS 1.0: Freetype2 / Gnutls / Linux / Tar PHSA-2017-0015 (deprecated)
An update of freetype2,tar,gnutls,linux packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0015. The text itself is copyright C...
Photon OS 1.0: Binutils / C / Dnsmasq / Git / Gnutls / Krb5 / Linux / Mercurial / Mesos / Nginx PHSA-2017-0038 (deprecated)
An update of gnutls, c-ares, nginx, mercurial, linux, mesos, git, binutils, krb5, dnsmasq packages for PhotonOS has been released. File data PhotonOSPHSA-2017-0038.nasl...
Photon OS 1.0: Gnutls / Linux / Openjdk / Openjre PHSA-2017-0016 (deprecated)
An update of gnutls,openjdk,openjre packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0016. The text itself is copyright C VMware...
PT-2018-3450 · Gnu +5 · Gnutls +5
Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: The issue is related to the GnuTLS implementation of HMAC-SHA-256, which is vulnerable to a Lucky thirteen style attack. Remote attackers could exploit this flaw to conduct distinguishing...
PT-2018-3451 · Gnu +5 · Gnutls +5
Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: The issue is related to the GnuTLS implementation of HMAC-SHA-384, which is vulnerable to a Lucky thirteen style attack. This allows remote attackers to conduct distinguishing attacks and...
[ASA-201807-9] libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201807-9 ========================================= Severity: High Date : 2018-07-16 CVE-ID : CVE-2018-0500 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-734 Summary ======= The package libcurl-gnutl...
[ASA-201807-7] lib32-libcurl-gnutls: arbitrary code execution
Arch Linux Security Advisory ASA-201807-7 ========================================= Severity: High Date : 2018-07-16 CVE-ID : CVE-2018-0500 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-732 Summary ======= The package...
Security Bulletin: A vulnerability in gnutls affects IBM Flex System Manager (FSM) (CVE-2017-7869)
Summary A vulnerability has been discovered in gnutls that is embedded in FSM. This bulletin addresses that issue. Vulnerability Details CVEID: CVE-2017-7869 DESCRIPTION: GnuTLS is vulnerable to a denial of service, caused by an integer overflow and heap-based buffer overflow in cdkpktread functi...