Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1415
HistoryApr 30, 2009 - 12:00 a.m.

CVE-2009-1415

2009-04-3000:00:00
ubuntu.com
ubuntu.com
12

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.12 Low

EPSS

Percentile

95.3%

JSON

lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly
handle invalid DSA signatures, which allows remote attackers to cause a
denial of service (application crash) and possibly have unspecified other
impact via a malformed DSA key that triggers a (1) free of an uninitialized
pointer or (2) double free.

Notes

Author Note
jdstrand from advisory: Only GnuTLS 2.6.x is affected. GnuTLS 2.4.x and earlier did not contain the buggy code.

Related

prion 1
seebug 2
exploitpack 1
cve 1
exploitdb 1
slackware 1
openvas 9
nessus 4
securityvulns 2
altlinux 2
freebsd 1
gentoo 1
prion
prion
Double free
2009-04-30 20:30:00
seebug
seebug
GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS
2014-07-01 00:00:00
GnuTLS库多个远程安全漏洞
2009-05-04 00:00:00
exploitpack
exploitpack
GnuTLS 2.6.x - libgnutls libpk-libgcrypt.c Malformed DSA Key Handling Remote Denial of Service
2009-04-30 00:00:00
cve
cve
CVE-2009-1415
2009-04-30 20:30:00
exploitdb
exploitdb
GnuTLS 2.6.x - libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote Denial of Service
2009-04-30 00:00:00
slackware
slackware
gnutls
2009-05-09 13:05:09
openvas
openvas
Slackware: Security Advisory (SSA:2009-128-01)
2012-09-10 00:00:00
Slackware Advisory SSA:2009-128-01 gnutls
2012-09-11 00:00:00
Gentoo Security Advisory GLSA 200905-04 (gnutls)
2009-05-25 00:00:00
nessus
nessus
Slackware 12.0 / 12.1 / 12.2 / current : gnutls (SSA:2009-128-01)
2009-05-11 00:00:00
Mandriva Linux Security Advisory : gnutls (MDVSA-2009:116)
2009-05-19 00:00:00
FreeBSD : GnuTLS -- multiple vulnerabilities (b31a1088-460f-11de-a11a-0022156e8794)
2009-08-20 00:00:00
securityvulns
securityvulns
[Full-disclosure] [ MDVSA-2009:116 ] gnutls
2009-05-19 00:00:00
gnutls multiple security vulnerabilities
2009-05-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package gnutls30 version 2.6.6-alt1
2009-04-30 00:00:00
Security fix for the ALT Linux 9 package gnutls30 version 2.6.6-alt1
2009-04-30 00:00:00
freebsd
freebsd
GnuTLS -- multiple vulnerabilities
2009-05-21 00:00:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2009-05-24 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.12 Low

EPSS

Percentile

95.3%

JSON
Related for UB:CVE-2009-1415
prion1seebug2exploitpack1cve1exploitdb1slackware1openvas9nessus4securityvulns2altlinux2freebsd1gentoo1