4556 matches found
SOL17330 - GnuTLS vulnerability CVE-2015-3308
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
Ubuntu: Security Advisory (USN-2727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the GnuTLS library, which allows a hacker to cause a service failure
The vulnerability of the lib/x509/x509ext.c component in the GnuTLS library is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure using a specially crafted CRL distribution point...
SUSE SLED11 / SLES11 Security Update : gnutls (SUSE-SU-2015:1526-1) (Logjam)
This security update of gnutls fixes the following issues : - use minimal padding for CBC, the default random length padding causes problems with some servers bsc925499 - added gnutls-useminimalcbcpadding.patch - use the default DH minimum for gnutls-cli instead of hardcoding 512 - CVE-2015-4000...
SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2015:1518-1)
gnutls was updated to fix several security vulnerabilities. - fix double free in certificate DN decoding GNUTLS-SA-2015-3bsc941794,CVE-2015-6251 - fix invalid read in octet string in bundled libtasn1 bsc929414,CVE-2015-3622 - fix ServerKeyExchange signature issue GNUTLS-SA-2015-2bsc929690 Note th...
openSUSE Security Update : gnutls (openSUSE-2015-567)
Gnutls was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-6251: Decoding specific certificates with very long DistinguishedName DN entries could have caused a double free, which may have resulted in a Denial of Service GNUTLS-SA-2015-3 %NASLMINLEVEL 70300 C...
Amazon Linux: Security Advisory (ALAS-2014-352)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-301)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2013-172)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-59)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2015-575)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the GnuTLS library, which allows a hacker to cause a service failure
The vulnerability of the GnuTLS library is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure by submitting an excessively long DistinguishedName DN parameter...
Amazon Linux: Security Advisory (ALAS-2013-197)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3308
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
CVE-2015-3308
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
Double free
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
CVE-2015-3308
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
CVE-2015-3308
Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point...
CVE-2015-3308
CVE-2015-3308: A double-free in GnuTLS’ lib/x509/x509_ext.c when parsing CRL distribution points (vulnerable in GnuTLS releases before 3.3.14) may allow remote DoS or other impact. Affected component: x509_ext.c; root cause: double-free; impact: DoS and possible unspecified effects; remediation: ...
USN-2727-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...