Debian DSA-3191-1 : gnutls26 - security update

Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0282 GnuTLS does not verify the RSA PKCS 1 signature algorithm to match the signature algorith...

Debian Security Advisory DSA 3191-1 (gnutls26 - security update)

Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0282 GnuTLS does not verify the RSA PKCS 1 signature algorithm to match the signature algorithm i...

[SECURITY] [DSA 3177-1] mod-gnutls security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3177-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 10, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 170-1] mod-gnutls security update

Package : mod-gnutls Version : 0.5.6-1+squeeze2 CVE ID : CVE-2015-2091 Debian Bug : 578663 Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the servers client verify mode not to be considered at all, in case the directorys...

DLA-170-1 mod-gnutls - security update

Bulletin has no description...

CVE-2015-2091

The authentication hook mgshookauthz in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate...

Authentication flaw

The authentication hook mgshookauthz in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate...

CVE-2015-2091

The authentication hook mgshookauthz in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate...

CVE-2015-2091

The authentication hook mgshookauthz in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate...

CVE-2015-2091

Removed by vendor...

CVE-2015-2091

Summary: CVE-2015-2091 affects mod-gnutls (Apache module) versions = 0.7.3 in the Gentoo advisory). Remediation (supported by sources): upgrade mod-gnutls to patched versions; apply vendor advisories that list updated releases. No exploit details are provided beyond the vulnerability description ...

CVE-2015-2091

The authentication hook mgshookauthz in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof clients via a crafted certificate...

UBUNTU-CVE-2015-0282

GnuTLS before 3.1.0 does not verify that the RSA PKCS 1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

CVE-2015-0282

GnuTLS before 3.1.0 does not verify that the RSA PKCS 1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors...

Debian DSA-3177-1 : mod-gnutls - security update

Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server's client verify mode not to be considered at all, in case the directory's configuration was unset. Clients with invalid certificates were then able to leverage this...

[SECURITY] [DSA 3177-1] mod-gnutls security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3177-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 10, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3177-1] mod-gnutls security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3177-1 [email protected] http://www.debian.org/security/ Sebastien Delafond March 10, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3177-1 (mod-gnutls - security update)

Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server OpenVAS Vulnerability Test $Id: deb3177.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3177-1 using nvtgen 1.0 Script version: 1.0 Author:...

DSA-3177-1 mod-gnutls - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3177-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...