fkie_cve-2008-1949
Vulnerability from fkie_nvd
Published
2008-05-21 13:24
Modified
2024-11-21 00:45
Severity ?
Summary
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2.
References
secalert@redhat.comhttp://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commitdiff%3Bh=bc8102405fda11ea00ca3b42acc4f4bce9d6e97b
secalert@redhat.comhttp://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html
secalert@redhat.comhttp://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html
secalert@redhat.comhttp://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html
secalert@redhat.comhttp://secunia.com/advisories/30287Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30302Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30317Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30324Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30330Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30331Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30338Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30355
secalert@redhat.comhttp://secunia.com/advisories/31939
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200805-20.xml
secalert@redhat.comhttp://securityreason.com/securityalert/3902
secalert@redhat.comhttp://sourceforge.net/project/shownotes.php?release_id=600646&group_id=21558
secalert@redhat.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0174
secalert@redhat.comhttp://www.cert.fi/haavoittuvuudet/advisory-gnutls.htmlExploit
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1581
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/252626US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:106
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2008/05/20/1
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2008/05/20/2
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2008/05/20/3
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0489.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0492.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/492282/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/492464/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/29292Patch
secalert@redhat.comhttp://www.securitytracker.com/id?1020058
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-613-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1582/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1583/references
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/42530
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2552
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html
af854a3a-2127-422b-91ae-364da2661108http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commitdiff%3Bh=bc8102405fda11ea00ca3b42acc4f4bce9d6e97b
af854a3a-2127-422b-91ae-364da2661108http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html
af854a3a-2127-422b-91ae-364da2661108http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html
af854a3a-2127-422b-91ae-364da2661108http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30287Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30302Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30317Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30324Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30330Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30331Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30338Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30355
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31939
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200805-20.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3902
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=600646&group_id=21558
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0174
af854a3a-2127-422b-91ae-364da2661108http://www.cert.fi/haavoittuvuudet/advisory-gnutls.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1581
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/252626US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:106
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/05/20/1
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/05/20/2
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/05/20/3
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0489.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0492.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/492282/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/492464/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29292Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020058
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-613-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1582/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1583/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42530
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2552
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html
Impacted products
Vendor Product Version
gnu gnutls 1.0.18
gnu gnutls 1.0.19
gnu gnutls 1.0.20
gnu gnutls 1.0.21
gnu gnutls 1.0.22
gnu gnutls 1.0.23
gnu gnutls 1.0.24
gnu gnutls 1.0.25
gnu gnutls 1.1.13
gnu gnutls 1.1.14
gnu gnutls 1.1.15
gnu gnutls 1.1.16
gnu gnutls 1.1.17
gnu gnutls 1.1.18
gnu gnutls 1.1.19
gnu gnutls 1.1.20
gnu gnutls 1.1.21
gnu gnutls 1.1.22
gnu gnutls 1.1.23
gnu gnutls 1.2.0
gnu gnutls 1.2.1
gnu gnutls 1.2.2
gnu gnutls 1.2.3
gnu gnutls 1.2.4
gnu gnutls 1.2.5
gnu gnutls 1.2.6
gnu gnutls 1.2.7
gnu gnutls 1.2.8
gnu gnutls 1.2.9
gnu gnutls 1.2.10
gnu gnutls 1.2.11
gnu gnutls 1.3.0
gnu gnutls 1.3.1
gnu gnutls 1.3.2
gnu gnutls 1.3.3
gnu gnutls 1.3.4
gnu gnutls 1.3.5
gnu gnutls 1.4.0
gnu gnutls 1.4.1
gnu gnutls 1.4.2
gnu gnutls 1.4.3
gnu gnutls 1.4.4
gnu gnutls 1.4.5
gnu gnutls 1.5.0
gnu gnutls 1.5.1
gnu gnutls 1.5.2
gnu gnutls 1.5.3
gnu gnutls 1.5.4
gnu gnutls 1.5.5
gnu gnutls 1.6.0
gnu gnutls 1.6.1
gnu gnutls 1.6.2
gnu gnutls 1.6.3
gnu gnutls 1.7.0
gnu gnutls 1.7.1
gnu gnutls 1.7.2
gnu gnutls 1.7.3
gnu gnutls 1.7.4
gnu gnutls 1.7.5
gnu gnutls 1.7.6
gnu gnutls 1.7.7
gnu gnutls 1.7.8
gnu gnutls 1.7.9
gnu gnutls 1.7.10
gnu gnutls 1.7.11
gnu gnutls 1.7.12
gnu gnutls 1.7.13
gnu gnutls 1.7.14
gnu gnutls 1.7.15
gnu gnutls 1.7.16
gnu gnutls 1.7.17
gnu gnutls 1.7.18
gnu gnutls 1.7.19
gnu gnutls 2.0.0
gnu gnutls 2.0.1
gnu gnutls 2.0.2
gnu gnutls 2.0.3
gnu gnutls 2.0.4
gnu gnutls 2.1.0
gnu gnutls 2.1.1
gnu gnutls 2.1.2
gnu gnutls 2.1.3
gnu gnutls 2.1.4
gnu gnutls 2.1.5
gnu gnutls 2.1.6
gnu gnutls 2.1.7
gnu gnutls 2.1.8
gnu gnutls 2.2.0
gnu gnutls 2.2.1
gnu gnutls 2.2.2
gnu gnutls 2.2.3
gnu gnutls 2.2.4
gnu gnutls 2.2.5
gnu gnutls 2.3.0
gnu gnutls 2.3.1
gnu gnutls 2.3.2
gnu gnutls 2.3.3
gnu gnutls 2.3.4
gnu gnutls 2.3.5
gnu gnutls 2.3.6
gnu gnutls 2.3.7
gnu gnutls 2.3.8
gnu gnutls 2.3.9
gnu gnutls 2.3.10
gnu gnutls 2.3.11


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9CF40D3-CE03-4C2A-8EEF-EB5989291806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC60D4CC-922C-4941-A400-0CBEAC7F31D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "754A0D19-A17A-4007-8355-497D14CFCBF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "8140DBE1-8116-4051-9A57-07535586E0AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D2DF7F-DCDD-486D-B906-F9DDE3A1DB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CC840D-AD01-4EE2-8652-06742A6286BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "84224A82-6D58-4000-A449-20C1632DAE85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "A466931C-769A-4A28-B072-10930CE655E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEE50AC-8730-4F04-B57C-6BDF8B957F6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F621DC-7967-4D97-A562-02E7033C89C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "776E5481-399F-45BC-AD20-A18508B03916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D7F972-9128-4A4D-8508-B38CE2F155E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D56873-E8C5-4E4B-BB85-6DCF6526B453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FE4766-32D0-491E-8C71-5B998C468142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F980857-2364-466A-8366-BD017D242222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDCF1F0-5A78-48FF-B4B0-303AE2420F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2E649D-5C45-4412-927B-E3EDCE07587C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "066175C2-6E96-4BAE-B1A6-B23D25547FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "869D3010-67AE-44D0-BB8F-D9C410AEA1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "052B40C1-C29B-4189-9A45-DAE873AB716D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F71E61-7455-4E10-B9D8-2B7FDDFB10F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E05A9A1-6B7A-43FB-A9B8-41B68CA5FDCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB08FD9-9AB8-4015-A8BE-FD9F7EBAC6DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B588AAE0-8C3F-47C7-812F-8C97BD8795E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB9154B-4254-4F33-8DB2-5B96E2DA4931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "64D9C191-6A57-40BB-BDD1-6B1A6BBAB51E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2EA79D1-2EA8-4040-A5B5-C93EE937945A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "61D05BC3-1315-4AC7-884D-41459272C94B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "738F29DA-9741-4BA5-B370-417443A3AC2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "52173492-1031-4AA4-A600-6210581059D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB636C36-2884-4F66-B68A-4494AEAF90C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "777A16E4-A1F5-48DC-9BF0-CD9F0DCF8B55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC4231BD-201D-4B10-9E35-B9EEFC714F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9200C3-0F46-4238-918B-38D95BF11547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "024A9511-7CB4-4681-8429-0FE7FC34DF1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "34CEF5ED-87A5-44B2-8A4A-9896957C057B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B84A4F5-CED7-4633-913F-BE8235F68616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "97564ABD-F9CE-4B3C-978A-1622DE3E4924",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB6EC88-DCE0-439B-89CD-18229965849B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E2C89DD-CDBD-4772-A031-089F32006D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C2FD618-91F4-48E7-B945-90CC0A367DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DC9555-E76F-4F8D-AE39-5160B34A87FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B61D180-9EEA-4258-9A59-7F004F2C83F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "00DE1208-BDDC-405B-A34A-B58D00A279DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EF689E-59AA-4619-ADB2-E195CFD4094A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B62AB660-5DA4-4F13-AF9E-DC53D0A18EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22314ED6-D0CD-442E-A645-A9CCFE114AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9E1C5B2-27BF-4328-9336-98B8828EE4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5C952BF-A135-4B15-8A51-94D66B618469",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ADED309-0A25-478D-B542-96217A0DD63E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC0403DE-76B1-4E24-8014-64F73DCB53DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "69EA91B0-249F-41B2-8AD0-0C2AD29BE3D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F714D22-873A-4D64-8151-86BB55EFD084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9181F9-50FF-4995-9554-022CF93376C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED0B40F-3413-40D6-B1EF-E6354D2A91F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E99A7D8-2303-4268-8EF8-6F01A042BEDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C70F69-FB80-4F32-A798-71A5153E6C29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A1E604-500E-4181-BF66-BB69C7C3F425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8120E3-B60F-44E4-B837-4707A9BAEDBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D3F16F-2C23-48E9-9F2D-1F1DF74719E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7073EAD-06C9-4309-B479-135021E82B99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "546C56AC-AFCC-47B7-A5A8-D3E3199BEA41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1895868E-E501-42C2-8450-EEED4447BAB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED1FCE0-260B-4FB2-9DBD-F4D0D35639AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "199AA36A-3B23-438C-9109-CC9000372986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6FFF05-37B2-4D69-86AF-921591382D21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "82BF8600-4E5D-4FF4-953C-F2DC726CA6CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C40F0E-B102-4FE8-9E93-0ACFBF35226D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "22802660-D33F-4683-B82F-C94AC6170A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3623E9BE-F513-4301-BF0C-6A7F87E78E7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5DBAF08-1441-4F14-A740-E90044B77042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE9BB7E-DDD8-4CBF-AEC2-40D59A560BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3B6684-3890-4B60-BE67-D06045A86B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C6C982-21D5-4FE3-A342-FC45BD78D2F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69E3A01-D8C6-4C36-8C4E-52B96541D5B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D61596-01EB-4936-923B-63537625F926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "599EB59C-7717-47A8-84C6-78B6D79AEB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A6CBB77-818D-4DFF-9DD9-07EBF9933B06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26E9005E-5034-43F2-B96E-7829E19FE3A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FA854EA-29FE-4B91-AEA3-ED649D7FD25A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC3A5EE-2892-4548-A0CB-D3289CD64D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "83F22BF4-A738-438B-8D0B-6993640F0D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3193B7-8FB9-45E4-BFF6-891A3F14F021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF269AE-121B-4982-A765-5C7E806FA9FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1C9F604-7FBE-4759-B039-8F5894574203",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "191821CD-E4CB-4269-B04C-284A9F9783B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A71474-958D-4689-A652-3E2A731F47FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38169043-17DF-4CF9-963A-8770B8882357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7E5D9C-0976-4C9A-9FEB-AB923845BAD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4537676-A72E-4433-B44F-3664EDD6F240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7CCCB66-C7CC-4E5C-8253-C29D57BE9B43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D090B10-68F2-424D-8234-2A280AA96B59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "23168B77-645D-4A2A-A6E3-7001104064A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D085B16-3116-423F-BDE0-2D93E12650A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59247E9-CDAE-4269-A8E4-F49F617CDD23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6019C0C-E9DD-4831-8E6A-785AE1A930FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F9CF15-8789-49B6-BB6D-B784C8FF20ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6DAE798-14C9-4CB6-A39F-69CDF9D8FBB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C51E0C88-B19C-408D-AC17-10CE7462D48A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A7FBFAA-263C-4B7B-A135-9824DFD8CCDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AC41482-B3BC-4C93-A850-73A179BAB763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC80BE1-28A6-4348-A061-8FD9C805E945",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D8EF703-AE06-4DD7-9235-2D8CCDB24F96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8AC314-065B-4BC3-A5EE-CA6D3006F9F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8201FF6-53A8-4850-A2B2-47AA65B2CB75",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n _gnutls_recv_client_kx_message en lib/gnutls_kx.c de libgnutls en gnutls-serv de GnuTLS versiones anteriores a la 2.2.4 contin\u00faa procesando los mensajes Client Hello dentro de un mensaje TLS despu\u00e9s de que uno ya haya sido procesado, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia NULL y ca\u00edda) a trav\u00e9s de un mensaje TLS que contiene m\u00faltiples mensajes Hello Client, tambi\u00e9n conocida como GNUTLS-SA-2008-1-2."
    }
  ],
  "id": "CVE-2008-1949",
  "lastModified": "2024-11-21T00:45:44.173",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-21T13:24:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commitdiff%3Bh=bc8102405fda11ea00ca3b42acc4f4bce9d6e97b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30287"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30302"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30317"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30324"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30330"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30331"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30338"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30355"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31939"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200805-20.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/3902"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600646\u0026group_id=21558"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0174"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.cert.fi/haavoittuvuudet/advisory-gnutls.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1581"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252626"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:106"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0489.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0492.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/492282/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/492464/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29292"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020058"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-613-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1582/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1583/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42530"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2552"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commitdiff%3Bh=bc8102405fda11ea00ca3b42acc4f4bce9d6e97b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=600646\u0026group_id=21558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.cert.fi/haavoittuvuudet/advisory-gnutls.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/252626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/05/20/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0489.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0492.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/492282/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/492464/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-613-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1582/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1583/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.