CVE-2012-0390

Technical details about CVE-2012-0390 (DTLS timing side-channel in GnuTLS

Buffer overflow

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

CVE-2011-4128

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

CVE-2011-4128

CVE-2011-4128 affects GnuTLS: a buffer overflow in gnutls_session_get_data in lib/gnutls_session.c can be triggered when a client uses nonstandard session resumption. A remote TLS server can cause an application crash (DoS) by sending a large SessionTicket. Affected are GnuTLS 2.12.x prior to 2.1...

CVE-2011-4128

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

CVE-2011-4128

Buffer overflow in the gnutlssessiongetdata function in lib/gnutlssession.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service application crash via a large SessionTicket...

FreeBSD : gnutls -- client session resumption vulnerability (bdec8dc2-0b3b-11e1-b722-001cc0476564)

The GnuTLS team reports : GNUTLS-SA-2011-2 Possible buffer overflow/Denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors...

gnutls -- client session resumption vulnerability

The GnuTLS team reports: GNUTLS-SA-2011-2 Possible buffer overflow/Denial of service...

GLSA-201110-05 : GnuTLS: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201110-05 GnuTLS: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact : An attacker could perform man-in-the-middle attacks to...

GnuTLS: Multiple vulnerabilities

Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact An attacker could perform man-in-the-middle attacks to spoof arbitra...

CentOS Update for gnutls CESA-2010:0166 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for gnutls CESA-2009:1232 centos4 i386

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2009:1232 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS Update for gnutls CESA-2009:1232 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for gnutls CESA-2009:123 centos5 i386

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2009:123 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

CentOS Update for gnutls CESA-2009:1232 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for gnutls CESA-2010:0166 centos5 i386

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2010:0166 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)

The SSL-renegotiation 'authentication gap' has been fixed in gnutls. CVE-2009-3555 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnutls-3388. The text...

openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-1)

The SSL-renegotiation 'authentication gap' has been fixed in gnutls. CVE-2009-3555 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnutls-3388. The text...

openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)

This update fixes the safe renegotiation testing code which was missing in the previous update for CVE-2009-3555. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnutls-3647. The text...

openSUSE Security Update : gnutls (openSUSE-SU-2010:1025-2)

This update fixes the safe renegotiation testing code which was missing in the previous update for CVE-2009-3555. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update gnutls-3647. The text...