CVE-2009-5138 – gnutls: incorrect handling of V1 intermediate certificates
https://notcve.org/view.php?id=CVE-2009-5138
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959. GnuTLS anterior a 2.7.6, cuando el indicador GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT no está habilitado, trata certificados X.509 de versión 1 como CAs intermedios, lo que permite a atacantes remotos evadir restricciones mediante el aprovechamiento de un certificado X.509 V1 de un CA confiable para emitir certificados nuevos, una vulnerabilidad diferente a CVE-2014-1959. • http://article.gmane.org/gmane.comp.security.oss.general/12223 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00020.html http://rhn.redhat.com/errata/RHSA-2014-0247.html http://secunia.com/advisories/57254 http://secunia.com/advisories/57260 http://sec • CWE-264: Permissions, Privileges, and Access Controls CWE-295: Improper Certificate Validation •
CVE-2014-0092 – gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)
https://notcve.org/view.php?id=CVE-2014-0092
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. lib/x509/verify.c en GnuTLS anterior a 3.1.22 y 3.2.x anterior a 3.2.12 no maneja debidamente errores no especificados cuando verifica certificados X.509 de servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores a través de un certificado manipulado. • http://gnutls.org/security.html#GNUTLS-SA-2014-2 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00005.html http: • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVE-2014-1959
https://notcve.org/view.php?id=CVE-2014-1959
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. lib/x509/verify.c en GnuTLS anterior a 3.1.21 y 3.2.x anterior a 3.2.11 trata certificados X.509 de versión 1 como CAs intermedios, lo que permite a atacantes remotos evadir restricciones mediante el aprovechamiento de un certificado X.509 V1 de un CA confiable para emitir certificados nuevos. • http://seclists.org/oss-sec/2014/q1/344 http://seclists.org/oss-sec/2014/q1/345 http://www.debian.org/security/2014/dsa-2866 http://www.gnutls.org/security.html http://www.securityfocus.com/bid/65559 http://www.ubuntu.com/usn/USN-2121-1 https://www.gitorious.org/gnutls/gnutls/commit/b1abfe3d182d68539900092eb42fc62cf1bb7e7c • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-4466
https://notcve.org/view.php?id=CVE-2013-4466
Buffer overflow in the dane_query_tlsa function in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.15 and 3.2.x before 3.2.5 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. Desbordamiento de búfer en la función dane_query_tlsa de la librería DANE (libdane) en GnuTLS 3.1.x anterior a la versión 3.1.15 y 3.2.x anterior a 3.2.5 permite en servidores remotos provocar una denegación de servicio (corrupción de memoria) a través de una respuesta que implique más de 4 entradas DANE. • http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/7049 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/7050 http://www.gnutls.org/security.html#GNUTLS-SA-2013-3 http://www.openwall.com/lists/oss-security/2013/10/25/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4487
https://notcve.org/view.php?id=CVE-2013-4487
Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466. Error de superación de límite en dane_raw_tlsa en la librería DANE (libdane) de GnuTLS 3.1.x anterior a la versión 3.1.16 y 3.2.x anterior a 3.2.6 permite en servidores remotos provocar una denegación de servicio (corrupción de memoria) a través de una respuesta con más de 4 entradas DANE. NOTA: este problema se debe a una solución incompleta para CVE-2013-4466. • http://lists.opensuse.org/opensuse-updates/2013-11/msg00064.html http://www.openwall.com/lists/oss-security/2013/10/31/4 https://gitorious.org/gnutls/gnutls/commit/0dd5529509e46b11d5c0f3f26f99294e0e5fa6dc • CWE-189: Numeric Errors •