RHEL 6 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: asn1getbitder can return negative bit length CVE-2014-3468 - gnutls: HMAC-SHA-384 vulnerable to...

CVE-2024-30391 Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed

A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device...

Security Bulletin: Vulnerability in GnuTLS affects Power Hardware Management Console ( CVE-2018-10845 CVE-2018-10844)

Summary It was found that GnuTLS's implementation of HMAC-SHA-384 and HMAC-SHA-256 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...

SUSE: Security Advisory (SUSE-SU-2018:2842-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2825-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1136)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1112)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-10845

It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gnutls Multiple Vulnerabilities (NS-SA-2019-0068)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnutls packages installed that are affected by multiple vulnerabilities: - It was found that GnuTLS's implementation of HMAC- SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to...

EulerOS 2.0 SP3 : gnutls (EulerOS-SA-2019-1292)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to...

EulerOS Virtualization 2.5.3 : gnutls (EulerOS-SA-2019-1272)

According to the version of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could u...

EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2019-1112)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to...

EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1136)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to...

openSUSE Security Update : gnutls (openSUSE-2019-746)

This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirtee...

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2018:2930-1)

This update for gnutls fixes the following security issues : Improved mitigations against Lucky 13 class of attacks CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen atta...

Amazon Linux 2 : gnutls (ALAS-2018-1120)

It was found that GnuTLS's implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.CVE-2018-10844 It was foun...

Medium: gnutls

Issue Overview: It was found that GnuTLS's implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted...

Debian: Security Advisory (DLA-1560-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated gnutls packages fix security vulnerabilities

The updated packages fix security vulnerabilities: It was found that the GnuTLS implementation of HMAC-SHA-256 and HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical...

RHEL 7 : gnutls (RHSA-2018:3050)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3050 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as...