Lucene search
F5F5:K15345HistoryOct 17, 2014 - 12:00 a.m.
K15345 : GnuTLS vulnerability CVE-2014-3466
2014-10-1700:00:00
my.f5.com
9
Security Advisory Description
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. (CVE-2014-3466)
Impact
None. No F5 products are affected by this vulnerability.
Note: F5 Product Development has determined that BIG-IP, BIG-IQ, and Enterprise Manager versions ship with vulnerable GnuTLS code. However, the vulnerable code is not used as a server or to make outgoing connections, and is not exploitable.
Related
nessus
nessus
Oracle Linux 6 : gnutls (ELSA-2014-0595)
2014-06-04 00:00:00
Fedora 20 : mingw-gnutls-3.1.25-1.fc20 (2014-6953)
2014-06-10 00:00:00
thn
thn
Critical GnuTLS Flaw Leaves SSL Clients Vulnerable to Remote Code Execution
2014-06-04 02:15:00
ubuntu
ubuntu
GnuTLS vulnerability
2014-06-02 00:00:00
prion
prion
Buffer overflow
2014-06-03 14:55:00
freebsd
freebsd
gnutls -- client-side memory corruption
2014-05-14 00:00:00
gnutls -- client-side memory corruption
2014-05-14 00:00:00
centos
centos
gnutls security update
2014-06-04 09:21:48
gnutls security update
2014-06-04 09:31:23
osv
osv
gnutls26 - security update
2014-06-01 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:52:35
Denial Of Service (DoS)
2019-05-02 05:03:32
openvas
openvas
RedHat Update for gnutls RHSA-2014:0595-01
2014-06-09 00:00:00
Oracle: Security Advisory (ELSA-2014-0595)
2015-10-06 00:00:00
Debian: Security Advisory (DSA-2944-1)
2014-05-31 00:00:00
redhat
redhat
(RHSA-2014:0595) Important: gnutls security update
2014-06-03 00:00:00
(RHSA-2014:0684) Important: gnutls security update
2014-06-10 00:00:00
(RHSA-2014:0594) Important: gnutls security update
2014-06-03 00:00:00
cvelist
cvelist
CVE-2014-3466
2014-06-03 14:00:00
ubuntucve
ubuntucve
CVE-2014-3466
2014-06-01 00:00:00
f5
f5
SOL15345 - GnuTLS vulnerability CVE-2014-3466
2014-06-19 00:00:00
debiancve
debiancve
CVE-2014-3466
2014-06-03 14:55:10
oraclelinux
oraclelinux
gnutls security update
2014-06-03 00:00:00
gnutls security update
2014-07-23 00:00:00
gnutls security update
2014-06-03 00:00:00
nvd
nvd
CVE-2014-3466
2014-06-03 14:55:10
debian
debian
gnutls26 security update
2014-06-02 07:50:57
[SECURITY] [DSA 2944-1] gnutls26 security update
2014-06-01 08:38:52
gnutls26 security update
2014-06-02 07:51:19
checkpoint_advisories
checkpoint_advisories
GnuTLS Server Hello Session ID Heap Buffer Overflow (CVE-2014-3466)
2014-06-08 00:00:00
cve
cve
CVE-2014-3466
2014-06-03 14:55:10
amazon
amazon
Important: gnutls
2014-06-05 15:38:00
suse
suse
gnutls: Fixed possible memory corruption and NULL pointer dereference (important)
2014-06-06 11:04:14
gnutls: Fixed possible memory corruption (important)
2014-06-06 12:23:49
Security update for GnuTLS (important)
2014-06-13 02:04:36
fedora
fedora
[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.25-1.fc20
2014-06-10 03:11:44
[SECURITY] Fedora 20 Update: gnutls-3.1.25-1.fc20
2014-06-04 07:53:52
[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.25-1.fc19
2014-06-10 03:08:23
mageia
mageia
Updated gnutls packages fix CVE-2104-3465-6
2014-06-02 22:47:21
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2014-06-13 00:00:00
slackware
slackware
[slackware-security] gnutls
2014-06-06 05:26:16
securityvulns
securityvulns
GnuTLS and libtasn1 multiple security vulnerabilities
2014-06-02 00:00:00
[oss-security] GnuTLS and libtasn1 security fixes
2014-06-02 00:00:00