CentOS 6 : libtasn1 (CESA-2014:0596)

Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

FreeBSD : gnutls -- client-side memory corruption (9733c480-ebff-11e3-970b-206a8a720317)

GnuTLS project reports : This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

CentOS 6 : gnutls (CESA-2014:0595)

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libtasn1 security update

CentOS Errata and Security Advisory CESA-2014:0596 Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

gnutls security update

CentOS Errata and Security Advisory CESA-2014:0594 Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS bas...

gnutls security update

CentOS Errata and Security Advisory CESA-2014:0595 Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base...

[SECURITY] Fedora 20 Update: gnutls-3.1.25-1.fc20

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

Critical GnuTLS Flaw Leaves SSL Clients Vulnerable to Remote Code Execution

GnuTLS, a widely used open source SSL/TLS cryptographic library is vulnerable to a buffer overflow vulnerability that could be exploited to crash TLS clients or potentially execute malicious code on underlying systems. The GnuTLS library implements secure sockets layer SSL and transport layer...

Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20140603)

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...

Scientific Linux Security Update : gnutls on SL5.x i386/x86_64 (20140603)

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...

Oracle Linux 5 : gnutls (ELSA-2014-0594)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0594 advisory. 1.4.1-16 - added missing check for null pointer 1102355 1.4.1-15 - fix session ID length check and null pointer dereference 1102355 - fix minitasn1...

RHEL 6 : libtasn1 (RHSA-2014:0596)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0596 advisory. The libtasn1 library provides Abstract Syntax Notation One ASN.1 parsing and structures management, and Distinguished Encoding Rules DER...

FreeBSD : gnutls -- client-side memory corruption (027af74d-eb56-11e3-9032-000c2980a9f3)

GnuTLS project reports : This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

RHEL 6 : gnutls (RHSA-2014:0595)

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Oracle Linux 6 : gnutls (ELSA-2014-0595)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-0595 advisory. 2.8.5-14 - fix session ID length check 1102024 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

RHEL 5 : gnutls (RHSA-2014:0594)

Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

SUSE-SU-2015:0675-1 Security update for gnutls

GnuTLS has been patched to ensure proper parsing of session ids during the TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have been fixed. Further information is available at http://www.gnutls.org/security.htmlGNUTLS-SA-2014-3 These security issues have been fixed: Possible...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)

A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...