4466 matches found
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
DEBIAN-CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
Null pointer dereference
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
CVE-2014-3465 affects GnuTLS, specifically gnutls_x509_dn_oid_name in lib/x509/common.c. In GnuTLS 3.0.x before 3.1.20 and 3.2.x before 3.2.10, processing an X.509 DN with an OID lacking an LDAP description can trigger a NULL pointer dereference via crafted certificates, causing a denial of servi...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)
A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...
Important: Red Hat Security Advisory: gnutls security update
Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
[SECURITY] Fedora 19 Update: gnutls-3.1.20-5.fc19
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.25-1.fc20
GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...
[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.25-1.fc19
GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...
Fedora 19 : mingw-gnutls-3.1.25-1.fc19 (2014-6963)
Version 3.1.25 released 2014-05-30 - libgnutls: Eliminated memory corruption issue in Server Hello parsing. Issue reported by Joonas Kuorilehto of Codenomicon. - libgnutls: Increased the maximum certificate size buffer in the PKCS 11 subsystem. - libgnutls: Check the return code of getpwuidr...
Fedora 19 : gnutls-3.1.20-5.fc19 (2014-6881)
Added fix for CVE-2014-3466 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Mandriva Linux Security Advisory : gnutls (MDVSA-2014:108)
Updated gnutls packages fix security vulnerabilities : A NULL pointer dereference flaw was discovered in GnuTLS's gnutlsx509dnoidname. The function, when called with the GNUTLSX509DNOIDRETURNOID flag, should not return NULL to its caller. However, it could previously return NULL when parsed X.509...
Fedora 20 : mingw-gnutls-3.1.25-1.fc20 (2014-6953)
Version 3.1.25 released 2014-05-30 - libgnutls: Eliminated memory corruption issue in Server Hello parsing. Issue reported by Joonas Kuorilehto of Codenomicon. - libgnutls: Increased the maximum certificate size buffer in the PKCS 11 subsystem. - libgnutls: Check the return code of getpwuidr...
CentOS Update for gnutls CESA-2014:0595 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for gnutls RHSA-2014:0594-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for gnutls (openSUSE-SU-2014:0767-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...