Mandriva Linux Security Advisory - Flaws discovered in versions prior to 2.2.4 (stable) and 2.3.10 (development) of GnuTLS allow an attacker to cause denial of service (application crash), and maybe (so far undetermined) execute arbitrary code.
48c88ae1eb7e02ffa6ffaef8503450f4fe97526196b1ce72983b1c15d407dd54Gentoo Linux Security Advisory GLSA 200805-20 - Multiple vulnerabilities might allow for the execution of arbitrary code in daemons using GnuTLS. Versions less than 2.2.5 are affected.
e37e04b526b4b0b5bb000df629ceab208e43543a12e0226906b04744ba9ae394Ubuntu Security Notice 613-1 - Multiple flaws were discovered in the connection handling of GnuTLS. A remote attacker could exploit this to crash applications linked against GnuTLS, or possibly execute arbitrary code with permissions of the application's user.
a45f8245b0df9dead664e29c144fe9c30dbfd2375c8b1592fdd17bed4f6c14f7Debian Security Advisory 1581-1 - Several remote vulnerabilities have been discovered in GNUTLS, an implementation of the SSL/TLS protocol suite. A pre-authentication heap overflow involving oversized session resumption data may lead to arbitrary code execution. Repeated client hellos may result in a pre-authentication denial of service condition due to a null pointer dereference. Decoding cipher padding with an invalid record length may cause GNUTLS to read memory beyond the end of the received record, leading to a pre-authentication denial of service condition.
d2f29ae70f7b4441b6a3254c5c79d7457ce29380453a05d402274526b66a0c52
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed