← voltar
CVE-2014-3466

CVE-2014-3466

EPSS 11.3%
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://linux.oracle.com/errata/ELSA-2014-0594.htmlhttp://linux.oracle.com/errata/ELSA-2014-0595.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.htmlhttp://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/http://rhn.redhat.com/errata/RHSA-2014-0594.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0595.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0684.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0815.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1101932