Описание
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | gnutls | Will not fix | ||
| Red Hat Enterprise Linux 6 | mingw32-gnutls | Will not fix | ||
| Red Hat Enterprise Linux 5 | gnutls | Fixed | RHSA-2012:0428 | 27.03.2012 |
| Red Hat Enterprise Linux 6 | gnutls | Fixed | RHSA-2012:0429 | 27.03.2012 |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | rhev-hypervisor6 | Fixed | RHSA-2012:0531 | 30.04.2012 |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3 ...
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
5 Medium
CVSS2