Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN126-1 : gnutls11, gnutls10 vulnerability Vulnerability Scan

Vulnerability Scan Summary
gnutls11, gnutls10 vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- gnutls-bin
- libgnutls-doc
- libgnutls10
- libgnutls10-dev
- libgnutls11
- libgnutls11-dbg
- libgnutls11-dev

Description :

A Denial of Service vulnerability was discovered in the GNU TLS
library, which provides common cryptographic algorithms and is used by
many applications in Ubuntu. Due to a missing sanity check of the
padding length field, specially crafted ciphertext blocks caused an
out of bounds memory access which could crash the application. It was
not possible to exploit this to execute any attacker specified code.

Solution :

Upgrade to :
- gnutls-bin-1.0.16-13ubuntu0.1 (Ubuntu 5.04)
- libgnutls-doc-1.0.4-3ubuntu1.1 (Ubuntu 4.10)
- libgnutls10-1.0.4-3ubuntu1.1 (Ubuntu 4.10)
- libgnutls10-dev-1.0.4-3ubuntu1.1 (Ubuntu 4.10)
- libgnutls11-1.0.16-13ubuntu0.1 (Ubuntu 5.04)
- libgnutls11-dbg-1.0.16-13ubuntu0.1 (Ubuntu 5.04)
- libgnutls11-dev-1.0.16-13ubuntu0.1 (Ubuntu 5.04)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.