Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.54936
Category:Gentoo Local Security Checks
Title:Gentoo Security Advisory GLSA 200505-04 (GnuTLS)
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory GLSA 200505-04.

The GnuTLS library is vulnerable to Denial of Service attacks.

Solution:
All GnuTLS users should remove the existing installation and upgrade to the
latest version:

# emerge --sync
# emerge --unmerge gnutls
# emerge --ask --oneshot --verbose net-libs/gnutls

Due to small API changes with the previous version, please do the
following to ensure your applications are using the latest GnuTLS that you
just emerged.

# revdep-rebuild --soname-regexp libgnutls.so.1[0-1]

Previously exported RSA keys can be fixed by executing the following
command on the key files:

# certtool -k infile outfile

https://secure1.securityspace.com/smysecure/catid.html?in=GLSA%20200505-04
http://bugs.gentoo.org/show_bug.cgi?id=90726
http://lists.gnupg.org/pipermail/gnutls-dev/2005-April/000858.html

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-1431
BugTraq ID: 13477
http://www.securityfocus.com/bid/13477
http://lists.gnupg.org/pipermail/gnutls-dev/2005-April/000858.html
http://www.osvdb.org/16054
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9238
http://www.redhat.com/support/errata/RHSA-2005-430.html
http://securitytracker.com/id?1013861
http://secunia.com/advisories/15193
XForce ISS Database: gnutls-record-parsing-dos(20328)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20328
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.