← volver
CVE-2014-3466

CVE-2014-3466

EPSS 11.3%
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://linux.oracle.com/errata/ELSA-2014-0594.htmlhttp://linux.oracle.com/errata/ELSA-2014-0595.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.htmlhttp://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/http://rhn.redhat.com/errata/RHSA-2014-0594.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0595.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0684.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0815.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1101932