CVSS: 5.8EPSS: 6%CPEs: 35EXPL: 0CVE-2014-0092 – gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)
https://notcve.org/view.php?id=CVE-2014-0092
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. lib/x509/verify.c en GnuTLS anterior a 3.1.22 y 3.2.x anterior a 3.2.12 no maneja debidamente errores no especificados cuando verifica certificados X.509 de servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores a través de un certificado manipulado. • http://gnutls.org/security.html#GNUTLS-SA-2014-2 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00005.html http:&#x • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 5.8EPSS: 0%CPEs: 33EXPL: 1CVE-2014-1959
https://notcve.org/view.php?id=CVE-2014-1959
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. lib/x509/verify.c en GnuTLS anterior a 3.1.21 y 3.2.x anterior a 3.2.11 trata certificados X.509 de versión 1 como CAs intermedios, lo que permite a atacantes remotos evadir restricciones mediante el aprovechamiento de un certificado X.509 V1 de un CA confiable para emitir certificados nuevos. • http://seclists.org/oss-sec/2014/q1/344 http://seclists.org/oss-sec/2014/q1/345 http://www.debian.org/security/2014/dsa-2866 http://www.gnutls.org/security.html http://www.securityfocus.com/bid/65559 http://www.ubuntu.com/usn/USN-2121-1 https://www.gitorious.org/gnutls/gnutls/commit/b1abfe3d182d68539900092eb42fc62cf1bb7e7c • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 95%CPEs: 92EXPL: 1CVE-2012-1573 – gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)
https://notcve.org/view.php?id=CVE-2012-1573
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. gnutls_cipher.c en libgnutls en GnuTLS antes de v2.12.17 y v3.x antes de v3.0.15 no maneja adecuadamente los datos cifrados con un cifrado de bloques, lo que permite provocar una denegación de servicio (corrupción de la pila de memoria y caída de la aplicación) a atacantes remotos a través de un registro hecho a mano, como se demuestra por una estructura GenericBlockCipher especificamente creada para este fin. • http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912 http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185 http://lists.fedoraproject.org/piper • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 91%CPEs: 221EXPL: 1CVE-2012-1569 – libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)
https://notcve.org/view.php?id=CVE-2012-1569
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. La función asn1_get_length_der en decoding.c en GNU libtasn1 antes de v2.12, tal y como se usa en GnuTLS antes del v3.0.16 y otros productos, no maneja adecuadamente ciertos valores de longitud demasiado grandes, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de la pila de memoria y caída de la aplicación) o posiblemente tener un impacto no especificado a través de una estructura ASN.1 especificamente elaborada para este fin. • http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54 http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns http://linux.oracle.com/errata/ELSA-2014-0596.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html http://lists.fedoraproject.org/pipermail/ • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 165EXPL: 2CVE-2012-1663 – GnuTLS libgnutls - Double-Free Certificate List Parsing Remote Denial of Service
https://notcve.org/view.php?id=CVE-2012-1663
Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list. Vulnerabilidad de doble liberación en libgnutls en GnuTLS antes de 3.0.14 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de una lista de certificados modificados. • https://www.exploit-db.com/exploits/24865 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5866 http://www.exploit-db.com/exploits/24865 https://exchange.xforce.ibmcloud.com/vulnerabilities/74099 • CWE-399: Resource Management Errors •