CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-7444 – gnutls: Incorrect certificate validation when using OCSP responses (GNUTLS-SA-2016-3)
https://notcve.org/view.php?id=CVE-2016-7444
The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc. La función gnutls_ocsp_resp_check_crt en lib/x509/ocsp.c en GnuTLS en versiones anteriores a 3.4.15 y 3.5.x en versiones anteriores a 3.5.4 no verifica la longitud de serie de una respuesta OCSP, lo que podría permitir a atacantes remotos eludir un mecanismo de validación destinada a certificados a través de vectores que involucran bytes finales dejados por gnutls_malloc. A flaw was found in the way GnuTLS validated certificates using OCSP responses. This could falsely report a certificate as valid under certain circumstances. • http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html http://www.securityfocus.com/bid/92893 https://access.redhat.com/errata/RHSA-2017:2292 https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9 https://lists.gnupg.org/pipermail/gnutls-devel/2016-September/008146.html https://www.gnutls.org/security.html https://access.redhat.com/security/cve/CVE-2016-7444 https://bugzilla.redhat.com/show_bug.cgi?id=1374266 • CWE-264: Permissions, Privileges, and Access Controls CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 4%CPEs: 5EXPL: 0CVE-2015-8313
https://notcve.org/view.php?id=CVE-2015-8313
GnuTLS incorrectly validates the first byte of padding in CBC modes GnuTLS comprueba incorrectamente el primer byte de relleno en los modos CBC • http://www.debian.org/security/2015/dsa-3408 http://www.securityfocus.com/archive/1/537012/100/0/threaded http://www.securityfocus.com/bid/78327 https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313 https://security-tracker.debian.org/tracker/CVE-2015-8313 • CWE-203: Observable Discrepancy •
CVSS: 5.0EPSS: 18%CPEs: 23EXPL: 0CVE-2015-6251
https://notcve.org/view.php?id=CVE-2015-6251
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. Vulnerabilidad de liberación doble en GnuTLS en versiones anteriores a la 3.3.17 y 3.4.x versiones anteriores a 3.4.4, permite a atacantes remotos causar una denegación de servicio a través de una entrada DistinguishedName (DN) de gran longitud en un certificado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165286.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00001.html http://www.debian.org/security/2015/dsa-3334 http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 http://www.openwall.com/lists/oss-security/2015/08/10/1 http://www.openwall.com/lists/oss-security/2015/08/17/6 http://www.securityfocus.com/bid/76267 http://www.securitytracker.com/id/1033226 https://bugzilla.redhat.com/show& •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2015-3308
https://notcve.org/view.php?id=CVE-2015-3308
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. Vulnerabilidad de liberación doble en lib/x509/x509_ext.c en GnuTLS en versiones anteriores a 3.3.14, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un punto de distribución CRL manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155101.html http://www.gnutls.org/security.html#GNUTLS-SA-2015-4 http://www.openwall.com/lists/oss-security/2015/04/15/6 http://www.openwall.com/lists/oss-security/2015/04/16/6 http://www.securityfocus.com/bid/74188 http://www.securitytracker.com/id/1033774 http://www.ubuntu.com/usn/USN-2727-1 https://gitlab.com/gnutls/gnutls/commit/053ae65403216acdb0a4e78b25ad66ee9f444f02 https://gitlab.com/gnutls/gnutls/co •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8155 – gnutls: gnutls does not perform date/time checks on CA certificates
https://notcve.org/view.php?id=CVE-2014-8155
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid. Vulnerabilidad en GnuTLS en versiones anteriores a 2.9.10, no verifica las fechas de activación y expiración de certificados CA, lo que permite a atacantes man-in-the-middle suplantar servidores a través de un certificado expedido por un certificado CA que (1) aún no es válido o (2) ya no es válido. It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. • http://rhn.redhat.com/errata/RHSA-2015-1457.html http://www.securityfocus.com/bid/73317 https://gitlab.com/gnutls/gnutls/commit/897cbce62c0263a498088ac3e465aa5f05f8719c https://support.f5.com/csp/article/K53330207 https://access.redhat.com/security/cve/CVE-2014-8155 https://bugzilla.redhat.com/show_bug.cgi?id=1197995 • CWE-17: DEPRECATED: Code CWE-325: Missing Cryptographic Step •