logo
DATABASE RESOURCES PRICING ABOUT US

Denial Of Service (DoS)

Description

gnutls is vulnerable to denial of service. A boundary error was found in the gnutls_session_get_data() function. A malicious TLS/SSL server could use this flaw to crash a TLS/SSL client or, possibly, execute arbitrary code as the client, if the client passed a fixed-sized buffer to gnutls_session_get_data() before checking the real size of the session data provided by the server.


Affected Software


CPE Name Name Version
gnutls 1.4.1__3.el5_1
gnutls 1.4.1__3.el5_3.5
gnutls 1.4.1__3.el5_4.8
gnutls 1.4.1__3.el5_2.1
gnutls 1.4.1__3.el5_1
gnutls 1.4.1__3.el5_3.5
gnutls 1.4.1__3.el5_4.8
gnutls 1.4.1__3.el5_2.1

Related