VLC Media Player < 2.1.5 Multiple Vulnerabilities

The version of VLC media player installed on the remote host is prior to 2.1.5. It is, therefore, affected by the following vulnerabilities : - An error exists in the pngpushreadchunk function within the file 'pngpread.c' from the included libpng library that can allow denial of service attacks...

Amazon Linux AMI : gnutls (ALAS-2014-352)

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...

F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. C Tenable Network Security, Inc. The...

SOL15637 - GnuTLS vulnerability CVE-2013-2116

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

openSUSE Security Update : exim (openSUSE-SU-2014:0983-1)

"Changes in exim : - Silence static checkers; beo1506. - update to 4.83 This release of Exim includes one incompatible fix : + the behavior of expansion of arguments to math comparison functions , was unexpected, expanding the values twice; CVE-2014-2972; bnc888520 This release contains the...

RHEL 7 : gnutls (RHSA-2014:0684)

Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RHEL 7 : libtasn1 (RHSA-2014:0687)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0687 advisory. The libtasn1 library provides Abstract Syntax Notation One ASN.1 parsing and structures management, and Distinguished Encoding Rules DER...

Updated pidgin packages fix CVE-2014-3775

Updated pidgin packages fix security vulnerability: It was discovered that libgadu incorrectly handled certain messages from file relay servers. A malicious remote server or a man in the middle could use this issue to cause applications using libgadu to crash, resulting in a denial of service, or...

Oracle Linux 7 : gnutls (ELSA-2014-0684)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0684 advisory. 3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727 Tenable has extracted the preceding description block directly...

gnutls security update

3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727...

RedHat Update for gnutls RHSA-2014:0684-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS

No description provided by source. source: http://www.securityfocus.com/bid/34783/info GnuTLS is prone to multiple remote vulnerabilities: - A remote code-execution vulnerability - A denial-of-service vulnerability - A signature-generation vulnerability - A signature-verification vulnerability An...

GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing

No description provided by source. source: http://www.securityfocus.com/bid/34783/info GnuTLS is prone to multiple remote vulnerabilities: - A remote code-execution vulnerability - A denial-of-service vulnerability - A signature-generation vulnerability - A signature-verification vulnerability An...

GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS

No description provided by source. Sorry I forgot to write headers in previous mail. Exploit Title: possible ways to exploit CVE-2012-1663 GNUTLS-3.0.13 Google Dork: if relevant we will automatically add these to the GHDB Date: Mar 20, 2013 Exploit Author: Shawn the R0ck Vendor Homepage:...

gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...

libtasn1: multiple boundary check issues

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service out-of-bounds read via crafted ASN.1 data...

Important: Red Hat Security Advisory: rhev-hypervisor6 security update

An updated rhev-hypervisor6 package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

SOL15345 - GnuTLS vulnerability CVE-2014-3466

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

Fedora Update for gnutls FEDORA-2014-6881

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mingw-gnutls FEDORA-2014-6963

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...