Lucene search

K

Veracode Vulnerability DatabaseVERACODE:25007

HistoryApr 10, 2020 - 1:12 a.m.

Denial Of Service (DoS)

2020-04-1001:12:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

0.916 High

EPSS

Percentile

98.9%

gnutls is vulnerable to denial of service. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash.

CPENameOperatorVersion
gnutlseq1.4.1__3.el5_3.5
gnutlseq1.4.1__3.el5_1
gnutlseq1.4.1__3.el5_4.8
gnutlseq1.4.1__3.el5_2.1
gnutlseq1.4.1__3.el5_3.5
gnutlseq1.4.1__3.el5_1
gnutlseq1.4.1__3.el5_4.8
gnutlseq1.4.1__3.el5_2.1

References

archives.neohapsis.com/archives/bugtraq/2012-03/0099.html

article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932

article.gmane.org/gmane.comp.gnu.libtasn1.general/53

article.gmane.org/gmane.comp.gnu.libtasn1.general/54

blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/

linux.oracle.com/errata/ELSA-2014-0596.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html

lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html

rhn.redhat.com/errata/RHSA-2012-0427.html

rhn.redhat.com/errata/RHSA-2012-0488.html

rhn.redhat.com/errata/RHSA-2012-0531.html

secunia.com/advisories/48397

secunia.com/advisories/48488

secunia.com/advisories/48505

secunia.com/advisories/48578

secunia.com/advisories/48596

secunia.com/advisories/49002

secunia.com/advisories/50739

secunia.com/advisories/57260

www.debian.org/security/2012/dsa-2440

www.gnu.org/software/gnutls/security.html

www.mandriva.com/security/advisories?name=MDVSA-2012:039

www.openwall.com/lists/oss-security/2012/03/20/3

www.openwall.com/lists/oss-security/2012/03/20/8

www.openwall.com/lists/oss-security/2012/03/21/5

www.securitytracker.com/id?1026829

www.ubuntu.com/usn/USN-1436-1

access.redhat.com/errata/RHSA-2012:0428

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=804920

0.916 High

EPSS

Percentile

98.9%

Related for VERACODE:25007

openvas48 fedora10 checkpoint_advisories2 cvelist1 freebsd1 ubuntucve1 nvd1 cve1 nessus30 oraclelinux3 amazon1 debian1 securityvulns2 prion1 redhat4 gentoo1 centos2 ubuntu1 altlinux1 slackware1 suse1 ibm1 vmware2