CVSS: 7.5EPSS: 0%CPEs: 99EXPL: 0CVE-2014-8564 – gnutls: Heap corruption when generating key ID for ECC (GNUTLS-SA-2014-5)
https://notcve.org/view.php?id=CVE-2014-8564
11 Nov 2014 — The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs. La función _gnutls_ecc_ansi_x963_export en gnutls_ecc.c en GnuTLS 3.x anterior a 3.1.28, 3.2.x anterior a 3.2.20, y 3.3.x anterior a 3.3.10 permite a atacantes remotos... • http://lists.opensuse.org/opensuse-updates/2014-11/msg00084.html • CWE-122: Heap-based Buffer Overflow CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 60EXPL: 0CVE-2014-3465 – gnutls: gnutls_x509_dn_oid_name NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-3465
06 Jun 2014 — The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. La función gnutls_x509_dn_oid_name en lib/x509/common.c en GnuTLS 3.0 anterior a 3.1.20 y 3.2.x anterior a 3.2.10 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) a través de un... • http://lists.gnutls.org/pipermail/gnutls-help/2014-January/003326.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 6%CPEs: 38EXPL: 0CVE-2014-3468 – libtasn1: asn1_get_bit_der() can return negative bit length
https://notcve.org/view.php?id=CVE-2014-3468
03 Jun 2014 — The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. La función asn1_get_bit_der en GNU Libtasn1 anterior a 3.6 no informa debidamente de un error cuando una longitud de bit negativa está identificada, lo que permite a atacantes dependientes de contexto causar acceso fuera de rango a través de datos ASN.1 manipulados. Multiple buffer b... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 9.8EPSS: 7%CPEs: 35EXPL: 0CVE-2014-3469 – libtasn1: asn1_read_value_type() NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-3469
03 Jun 2014 — The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. Las funciones (1) asn1_read_value_type y (2) asn1_read_value en GNU Libtasn1 anterior a 3.6 permite a atacantes dependientes de contexto causar una denegación de servicio (referencia de puntero nulo y caída) a través de un valor nulo en un argumento ivalue. Multiple buffer boundar... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 5%CPEs: 38EXPL: 0CVE-2014-3467 – libtasn1: multiple boundary check issues
https://notcve.org/view.php?id=CVE-2014-3467
03 Jun 2014 — Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data. Múltiples vulnerabilidades no especificadas en el decodificador DER en GNU Libtasn1 en versiones anteriores a 3.6, como se utiliza en GnuTLS, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo ASN.1 manipulado. Multiple buffer boundary check issues ... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 20%CPEs: 47EXPL: 3CVE-2014-3466 – gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)
https://notcve.org/view.php?id=CVE-2014-3466
02 Jun 2014 — Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. Desbordamiento de buffer en la función read_server_hello en lib/gnutls_handshake.c en GnuTLS anterior a 3.1.25, 3.2.x anterior a 3.2.15 y 3.3.x anterior a 3.3.4 permite a servidores remotos causar una denegación d... • https://github.com/azet/CVE-2014-3466_PoC • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.4EPSS: 1%CPEs: 6EXPL: 1CVE-2009-5138 – gnutls: incorrect handling of V1 intermediate certificates
https://notcve.org/view.php?id=CVE-2009-5138
03 Mar 2014 — GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959. GnuTLS anterior a 2.7.6, cuando el indicador GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT no está habilitado, trata certificados X.509 de versión 1 como CAs intermedios, lo que permite a at... • http://article.gmane.org/gmane.comp.security.oss.general/12223 • CWE-264: Permissions, Privileges, and Access Controls CWE-295: Improper Certificate Validation •
CVSS: 7.4EPSS: 3%CPEs: 35EXPL: 0CVE-2014-0092 – gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)
https://notcve.org/view.php?id=CVE-2014-0092
03 Mar 2014 — lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. lib/x509/verify.c en GnuTLS anterior a 3.1.22 y 3.2.x anterior a 3.2.12 no maneja debidamente errores no especificados cuando verifica certificados X.509 de servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores a través de un certificad... • http://gnutls.org/security.html#GNUTLS-SA-2014-2 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 1CVE-2014-1959 – Mandriva Linux Security Advisory 2014-043
https://notcve.org/view.php?id=CVE-2014-1959
20 Feb 2014 — lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. lib/x509/verify.c en GnuTLS anterior a 3.1.21 y 3.2.x anterior a 3.2.11 trata certificados X.509 de versión 1 como CAs intermedios, lo que permite a atacantes remotos evadir restricciones mediante el aprovechamiento de un certificado X.509 V1 de... • http://seclists.org/oss-sec/2014/q1/344 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2013-4466
https://notcve.org/view.php?id=CVE-2013-4466
19 Nov 2013 — Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. Desbordamiento de búfer en la función dane_query_tlsa de la librería DANE (libdane) en GnuTLS 3.1.x anterior a la versión 3.1.15 y 3.2.x anterior a 3.2.5 permite en servidores remotos provocar una denegación de servicio (corrupción de memoria) a través de una r... • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/7049 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •