DEBIAN-CVE-2012-1573

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

CVE-2012-1573

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

Memory corruption

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

CVE-2012-1569

CVE-2012-1569 involves the libtasn1 ASN.1 DER library. The issue is a flaw in asn1_get_length_der handling large length values, present in libtasn1 before 2.12 and used by GnuTLS before 3.0.16. A crafted DER structure can trigger heap memory corruption, leading to a remote denial of service (appl...

CVE-2012-1573

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

CVE-2012-1569

The asn1getlengthder function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly ha...

CVE-2012-1573

CVE-2012-1573 affects GnuTLS: gnutls_cipher.c in libgnutls handles data encrypted with a block cipher incorrectly, allowing remote attackers to trigger a denial of service (heap memory corruption and crash) via a crafted GenericBlockCipher record. It affects GnuTLS versions before 2.12.17 and 3.x...

[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implem ents the proposed standards by the IETF's TLS working group...

[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16

GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implem ents the proposed standards by the IETF's TLS working group...

GnuTLS / libtasn1 security vulnerabilities

Vulnerabilities on TLS and ASN.1 records parsing...

CVE-2012-1569

The asn1getlengthder function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly ha...

Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 TLS record handling vulnerability in GnuTLS MU-201202-01 ASN.1 length decoding vulnerability in Libtasn1 MU-201202-02 20 March 2012...

CVE-2012-1573

gnutlscipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service heap memory corruption and application crash via a crafted record, as demonstrated by a crafted...

Fedora Update for gnutls FEDORA-2012-4578

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2012-4578 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for gnutls FEDORA-2012-4578

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] [DSA 2440-1] libtasn1-3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2440-1 [email protected] http://www.debian.org/security/ Florian Weimer March 24, 2012 http://www.debian.org/security/faq -...

DSA-2440-1 libtasn1-3 - integer overflow

Bulletin has no description...

FreeBSD : libtasn1 -- ASN.1 length decoding vulnerability (2e7e9072-73a0-11e1-a883-001cc0a36e12)

Mu Dynamics, Inc. reports : Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1getlengthder is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally...

FreeBSD : gnutls -- possible overflow/Denial of service vulnerabilities (aecee357-739e-11e1-a883-001cc0a36e12)

Mu Dynamics, Inc. reports : The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

gnutls -- possible overflow/Denial of service vulnerabilities

Mu Dynamics, Inc. reports: The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability...