CVE-2004-2531

CVE-2004-2531

EPSS 1.7%

X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lists.gnupg.org/pipermail/gnutls-dev/2004-August/000703.html http://secunia.com/advisories/12156 http://securitytracker.com/id?1010838 https://exchange.xforce.ibmcloud.com/vulnerabilities/16858 http://www.hornik.sk/SA/SA-20040802.txt http://www.osvdb.org/8278 http://www.securityfocus.com/bid/10839