Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1418-1
HistoryApr 05, 2012 - 12:00 a.m.

GnuTLS vulnerabilities

2012-04-0500:00:00
ubuntu.com
37

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.956 High

EPSS

Percentile

99.4%

JSON

Releases

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04
  • Ubuntu 8.04

Packages

  • gnutls13 - the GNU TLS library - commandline utilities
  • gnutls26 - the GNU TLS library - commandline utilities

Details

Alban Crequy discovered that the GnuTLS library incorrectly checked array
bounds when copying TLS session data. A remote attacker could crash a client
application, leading to a denial of service, as the client application prepared
for TLS session resumption. (CVE-2011-4128)

Matthew Hall discovered that the GnuTLS library incorrectly handled TLS
records. A remote attacker could crash client and server applications, leading
to a denial of service, by sending a crafted TLS record. (CVE-2012-1573)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchlibgnutls13< 2.0.4-1ubuntu2.7UNKNOWN
Ubuntu8.04noarchgnutls-bin< 2.0.4-1ubuntu2.7UNKNOWN
Ubuntu8.04noarchlibgnutls-dev< 2.0.4-1ubuntu2.7UNKNOWN
Ubuntu8.04noarchlibgnutls13-dbg< 2.0.4-1ubuntu2.7UNKNOWN
Ubuntu8.04noarchlibgnutlsxx13< 2.0.4-1ubuntu2.7UNKNOWN
Ubuntu11.10noarchlibgnutls26< 2.10.5-1ubuntu3.1UNKNOWN
Ubuntu11.10noarchgnutls-bin< 2.10.5-1ubuntu3.1UNKNOWN
Ubuntu11.10noarchguile-gnutls< 2.10.5-1ubuntu3.1UNKNOWN
Ubuntu11.10noarchlibgnutls-dev< 2.10.5-1ubuntu3.1UNKNOWN
Ubuntu11.10noarchlibgnutls26-dbg< 2.10.5-1ubuntu3.1UNKNOWN
Rows per page:
1-10 of 261

Related

openvas 36
nessus 30
fedora 4
oraclelinux 2
redhat 4
centos 2
amazon 1
gentoo 1
slackware 1
prion 2
cve 2
freebsd 2
debiancve 1
checkpoint_advisories 1
veracode 2
ubuntucve 2
debian 1
securityvulns 1
suse 1
vmware 2
openvas
openvas
Fedora Update for gnutls FEDORA-2012-4569
2012-04-11 00:00:00
RedHat Update for gnutls RHSA-2012:0429-01
2012-07-09 00:00:00
CentOS Update for gnutls CESA-2012:0429 centos6
2012-07-30 00:00:00
nessus
nessus
Fedora 15 : gnutls-2.10.5-3.fc15 (2012-4569)
2012-04-11 00:00:00
Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20120327)
2012-08-01 00:00:00
Amazon Linux AMI : gnutls (ALAS-2012-59)
2013-09-04 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15
2012-04-11 03:49:48
[SECURITY] Fedora 15 Update: gnutls-2.10.5-3.fc15
2012-04-11 17:00:37
[SECURITY] Fedora 16 Update: gnutls-2.12.14-2.fc16
2012-03-26 03:57:43
oraclelinux
oraclelinux
gnutls security update
2012-03-28 00:00:00
gnutls security update
2012-03-27 00:00:00
redhat
redhat
(RHSA-2012:0429) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0428) Important: gnutls security update
2012-03-27 00:00:00
(RHSA-2012:0488) Important: rhev-hypervisor5 security and bug fix update
2012-04-17 00:00:00
centos
centos
gnutls security update
2012-03-28 01:12:42
gnutls security update
2012-03-28 00:49:15
amazon
amazon
Important: gnutls
2012-04-05 12:47:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2012-06-23 00:00:00
slackware
slackware
[slackware-security] gnutls
2013-10-15 00:18:30
prion
prion
Memory corruption
2012-03-26 19:55:00
Buffer overflow
2011-12-08 20:55:00
cve
cve
CVE-2012-1573
2012-03-26 19:55:00
CVE-2011-4128
2011-12-08 20:55:00
freebsd
freebsd
gnutls -- possible overflow/Denial of service vulnerabilities
2012-03-20 00:00:00
gnutls -- client session resumption vulnerability
2011-11-08 00:00:00
debiancve
debiancve
CVE-2012-1573
2012-03-26 19:55:00
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow (CVE-2012-1573)
2012-09-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:12:39
Denial Of Service (DoS)
2020-04-10 01:12:38
ubuntucve
ubuntucve
CVE-2012-1573
2012-03-26 00:00:00
CVE-2011-4128
2011-12-08 00:00:00
debian
debian
[SECURITY] [DSA 2441-1] gnutls26 security update
2012-03-25 18:53:32
securityvulns
securityvulns
GnuTLS / libtasn1 security vulnerabilities
2012-03-26 00:00:00
suse
suse
Security update for gnutls (critical)
2014-03-04 01:04:52
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

7.9 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.956 High

EPSS

Percentile

99.4%

JSON
Related for USN-1418-1
openvas36nessus30fedora4oraclelinux2redhat4centos2amazon1gentoo1slackware1prion2cve2freebsd2debiancve1checkpoint_advisories1veracode2ubuntucve2debian1securityvulns1suse1vmware2