oss-sec mailing list archives
CVE ID request: GNUTLS
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 19 May 2008 22:16:50 +0200
Several issues have been announced in GNUTLS-SA-2008-1:

*** [GNUTLS-SA-2008-1-1] ***
libgnutls: Fix crash when sending invalid server name.
The crash can be triggered remotely before authentication, which can lead to a Denial of Service attack to disable the server. The bug causes gnutls to store more session resumption data than what was allocated for, thus overwriting unallocated memory.

*** [GNUTLS-SA-2008-1-2] ***
libgnutls: Fix crash when sending repeated client hellos.
The crash can be triggered remotely before authentication, which can lead to a Denial of Service attack to disable the server. The bug triggers a null-pointer dereference.

*** [GNUTLS-SA-2008-1-3] ***
libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
The crash can be triggered remotely before authentication, which can lead to a Denial of Service attack to disable the server. The bug causes gnutls to read memory beyond the end of the received record.

AFAIK, no CVE IDs have been assigned yet.