Scientific Linux Security Update : gnutls on SL5.x, SL6.x i386/srpm/x86_64 (20130530)

It was discovered that the fix for the CVE-2013-1619 issue released via SLSA-2013:0588 introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that...

CentOS Update for gnutls CESA-2013:0883 centos6

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2013:0883 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

RHEL 5 / 6 : gnutls (RHSA-2013:0883)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0883 advisory. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security TLS. It was discovered that t...

CentOS Update for gnutls CESA-2013:0883 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for gnutls26 USN-1843-1

Check for the Version of gnutls26 OpenVAS Vulnerability Test $Id: gbubuntuUSN18431.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for gnutls26 USN-1843-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

CentOS 5 / 6 : gnutls (CESA-2013:0883)

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CentOS Update for gnutls CESA-2013:0883 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for gnutls RHSA-2013:0883-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...

gnutls security update

CentOS Errata and Security Advisory CESA-2013:0883 Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

PT-2013-1059 · Gnu +4 · Gnutls +4

Name of the Vulnerable Software and Affected Versions: GnuTLS versions prior to 2.12.23 Description: The issue is related to multiple vulnerabilities in the GnuTLS package, which can be exploited remotely to cause a denial of service, leading to disruption of protected information availability...

gnutls security update

2.8.5-10.2 - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619 upstream patch 966754...

USN-1843-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled certain padding bytes. A remote attacker could use this flaw to cause an application using GnuTLS to crash, leading to a denial of service...

CVE-2013-2116

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

SuSE 11.2 Security Update : GnuTLS (SAT Patch Number 7660)

This GnuTLS update fixes incorrect padding which weakens the encryption. CVE-2013-1619 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 8554)

This GnuTLS update fixes incorrect padding which weakens the encryption. CVE-2013-1619 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Mandriva Linux Security Advisory : lynx (MDVSA-2013:101)

Updated lynx package fixes security vulnerability : Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function...

Mandriva Linux Security Advisory : gnutls (MDVSA-2013:040)

Nadhem Alfardan and Kenny Paterson devised an attack that recovers some bits of the plaintext of a GnuTLS session that utilizes that CBC ciphersuites, by using timing information CVE-2013-1619. The gnutls package has been updated to latest 3.0.28 version to fix above problem. %NASLMINLEVEL 70300 ...

GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service

GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service Sorry I forgot to write headers in previous mail. Exploit Title: possible ways to exploit CVE-2012-1663 GNUTLS-3.0.13 Google Dork: if relevant we will automatically add these to the GHDB Date: Mar 20, 2013 Exploit...