CVSS: 7.4EPSS: 84%CPEs: 1EXPL: 0CVE-2013-2116 – gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)
https://notcve.org/view.php?id=CVE-2013-2116
29 May 2013 — The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. La función _gnutls_ciphertext2compressed en lib/gnutls_cipher.c en GnuTLS 2.12.23, permite a atacantes remotos provocar una denegación de servicio (sobrelectura y caída del búfer) a través de un tamaño manipulado. NOTA: esto podría deberse a una incorre... • http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00019.html • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 118EXPL: 2CVE-2013-1619 – gnutls: TLS CBC padding timing attack (lucky-13)
https://notcve.org/view.php?id=CVE-2013-1619
08 Feb 2013 — The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. La implementación de TLS en GnuTLS antes de v2.12.23, v3.0.x antes de v3.0.28, y v3.1.x ... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 93%CPEs: 92EXPL: 1CVE-2012-1573 – gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)
https://notcve.org/view.php?id=CVE-2012-1573
26 Mar 2012 — gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. gnutls_cipher.c en libgnutls en GnuTLS antes de v2.12.17 y v3.x antes de v3.0.15 no maneja adecuadamente los datos cifrados con un cifrado de bloques, lo que permite provocar una denegació... • http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 89%CPEs: 221EXPL: 1CVE-2012-1569 – libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)
https://notcve.org/view.php?id=CVE-2012-1569
26 Mar 2012 — The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. La función asn1_get_length_der en decoding.c en GNU libtasn1 antes de v2.12, tal y como se usa en GnuTLS antes del v3.0.16 y otros productos, no maneja... • http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 1%CPEs: 165EXPL: 2CVE-2012-1663 – GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service
https://notcve.org/view.php?id=CVE-2012-1663
13 Mar 2012 — Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list. Vulnerabilidad de doble liberación en libgnutls en GnuTLS antes de 3.0.14 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de una lista de certificados modificados. • https://www.exploit-db.com/exploits/24865 • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 56EXPL: 0CVE-2012-0390
https://notcve.org/view.php?id=CVE-2012-0390
06 Jan 2012 — The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108. La implementación DTLS en GnuTLS v3.0.10 y anteriores ejecuta codigo de gestion de errores sólo si existe una relación específica entre la longitud de relleno y el tamaño del texto cifrado, l... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 22EXPL: 0CVE-2011-4128 – gnutls: buffer overflow in gnutls_session_get_data() (GNUTLS-SA-2011-2)
https://notcve.org/view.php?id=CVE-2011-4128
08 Dec 2011 — Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket. Desbordamiento de búfer en la función gnutls_session_get_data en lib/gnutls_session.c en GnuTLS v2.12.x antes de v2.12.14 y v3.x antes de v3.0.7, cuando se utiliza en un cliente que realiza la reanudación de ... • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5596 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 42EXPL: 0CVE-2006-7239
https://notcve.org/view.php?id=CVE-2006-7239
24 May 2010 — The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not supported by GnuTLS, which triggers a NULL pointer dereference. La función _gnutls_x509_oid2mac_algorithm en lib/gnutls_algorithms.c de GnuTLS anterior a v1.4.2. Permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un certificado X.509 ma... • http://lists.gnupg.org/pipermail/gnutls-dev/2006-August/001190.html • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 2%CPEs: 22EXPL: 2CVE-2010-0731 – gnutls: gnutls_x509_crt_get_serial incorrect serial decoding from ASN1 (BE64) [GNUTLS-SA-2010-1]
https://notcve.org/view.php?id=CVE-2010-0731
26 Mar 2010 — The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. La función gnutls_x509_crt_get_serial en la librería GnuTLS anterior a v1.2.1, cunado se está ejecu... • http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 21EXPL: 6CVE-2009-3555 – Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass
https://notcve.org/view.php?id=CVE-2009-3555
09 Nov 2009 — The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other... • https://www.exploit-db.com/exploits/10071 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •