Lucene search
UbuntuUSN-1752-1HistoryFeb 27, 2013 - 12:00 a.m.
GnuTLS vulnerability
2013-02-2700:00:00
ubuntu.com
29
5.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
74.8%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- gnutls13 - GNU TLS library
- gnutls26 - GNU TLS library
Details
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used
in GnuTLS was vulnerable to a timing side-channel attack known as the
“Lucky Thirteen” issue. A remote attacker could use this issue to perform
plaintext-recovery attacks via analysis of timing data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | libgnutls13 | < 2.0.4-1ubuntu2.9 | UNKNOWN |
| Ubuntu | 8.04 | noarch | gnutls-bin | < 2.0.4-1ubuntu2.9 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libgnutls-dev | < 2.0.4-1ubuntu2.9 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libgnutls13-dbg | < 2.0.4-1ubuntu2.9 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libgnutlsxx13 | < 2.0.4-1ubuntu2.9 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libgnutls26 | < 2.12.14-5ubuntu4.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | gnutls-bin | < 3.0.11+really2.12.14-5ubuntu4.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libgnutls-dev | < 2.12.14-5ubuntu4.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libgnutls-openssl27 | < 2.12.14-5ubuntu4.2 | UNKNOWN |
| Ubuntu | 12.10 | noarch | libgnutls26-dbg | < 2.12.14-5ubuntu4.2 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 18 Update: gnutls-2.12.23-1.fc18
2013-03-05 23:27:08
[SECURITY] Fedora 17 Update: gnutls-2.12.23-1.fc17
2013-03-12 23:33:08
[SECURITY] Fedora 18 Update: mingw-gnutls-2.12.23-1.fc18
2013-03-14 02:58:28
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : gnutls13, gnutls26 vulnerability (USN-1752-1)
2013-02-28 00:00:00
Fedora 18 : gnutls-2.12.23-1.fc18 (2013-2892)
2013-03-06 00:00:00
Slackware 14.0 / current : gnutls (SSA:2013-242-03)
2013-09-02 00:00:00
openvas
openvas
Fedora Update for mingw-gnutls FEDORA-2013-2110
2013-02-18 00:00:00
Fedora Update for mingw-gnutls FEDORA-2013-3438
2013-03-15 00:00:00
Fedora Update for mingw-gnutls FEDORA-2013-2128
2013-02-18 00:00:00
centos
centos
gnutls security update
2013-03-04 22:46:23
gnutls security update
2013-05-30 18:50:13
securityvulns
securityvulns
[USN-1752-1] GnuTLS vulnerability
2013-03-02 00:00:00
OpenSSL / PolarSSL / GnuTLS security vulnerabilities
2013-03-02 00:00:00
oraclelinux
oraclelinux
gnutls security update
2013-03-04 00:00:00
gnutls security update
2013-05-30 00:00:00
gnutls security update
2014-03-03 00:00:00
slackware
slackware
[slackware-security] gnutls
2013-08-30 07:46:14
[slackware-security] gnutls
2013-08-30 20:25:45
[slackware-security] gnutls
2013-10-15 00:18:30
amazon
amazon
Medium: gnutls
2013-03-14 22:04:00
Important: gnutls
2013-06-11 22:44:00
redhat
redhat
(RHSA-2013:0588) Moderate: gnutls security update
2013-03-04 00:00:00
(RHSA-2013:0883) Important: gnutls security update
2013-05-30 00:00:00
(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update
2013-03-13 00:00:00
veracode
veracode
Information Leakage
2019-01-15 08:58:55
ubuntucve
ubuntucve
CVE-2013-1619
2013-02-08 00:00:00
prion
prion
Design/Logic Flaw
2013-02-08 19:55:00
f5
f5
K15721 : GnuTLS vulnerability CVE-2013-1619
2014-10-23 00:00:00
SOL15721 - GnuTLS vulnerability CVE-2013-1619
2014-10-23 00:00:00
suse
suse
gnutls (critical)
2014-03-08 19:04:13
Security update for gnutls (critical)
2014-03-04 01:07:15
Security update for GnuTLS (important)
2014-06-16 18:04:14
debiancve
debiancve
CVE-2013-1619
2013-02-08 19:55:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2013-10-28 00:00:00
cve
cve
CVE-2013-1619
2013-02-08 19:55:00
5.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.004 Low
EPSS
Percentile
74.8%
Related for USN-1752-1