Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1948

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-1948
Last Modified 07 Mar 2011 10:08:17
Published 21 May 2008 09:24:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1948

Summary

The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1.

Vulnerable Systems

Application

  • Gnutls 1.0.18

  • Gnutls 1.0.19

  • Gnutls 1.0.20

  • Gnutls 1.0.21

  • Gnutls 1.0.22

  • Gnutls 1.0.23

  • Gnutls 1.0.24

  • Gnutls 1.0.25

  • Gnutls 1.1.13

  • Gnutls 1.1.14

  • Gnutls 1.1.15

  • Gnutls 1.1.16

  • Gnutls 1.1.17

  • Gnutls 1.1.18

  • Gnutls 1.1.19

  • Gnutls 1.1.20

  • Gnutls 1.1.21

  • Gnutls 1.1.22

  • Gnutls 1.1.23

  • Gnutls 1.2.0

  • Gnutls 1.2.1

  • Gnutls 1.2.10

  • Gnutls 1.2.11

  • Gnutls 1.2.2

  • Gnutls 1.2.3

  • Gnutls 1.2.4

  • Gnutls 1.2.5

  • Gnutls 1.2.6

  • Gnutls 1.2.7

  • Gnutls 1.2.8

  • Gnutls 1.2.9

  • Gnutls 1.3.0

  • Gnutls 1.3.1

  • Gnutls 1.3.2

  • Gnutls 1.3.3

  • Gnutls 1.3.4

  • Gnutls 1.3.5

  • Gnutls 1.4.0

  • Gnutls 1.4.1

  • Gnutls 1.4.2

  • Gnutls 1.4.3

  • Gnutls 1.4.4

  • Gnutls 1.4.5

  • Gnutls 1.5.0

  • Gnutls 1.5.1

  • Gnutls 1.5.2

  • Gnutls 1.5.3

  • Gnutls 1.5.4

  • Gnutls 1.5.5

  • Gnutls 1.6.0

  • Gnutls 1.6.1

  • Gnutls 1.6.2

  • Gnutls 1.6.3

  • Gnutls 1.7.0

  • Gnutls 1.7.1

  • Gnutls 1.7.10

  • Gnutls 1.7.11

  • Gnutls 1.7.12

  • Gnutls 1.7.13

  • Gnutls 1.7.14

  • Gnutls 1.7.15

  • Gnutls 1.7.16

  • Gnutls 1.7.17

  • Gnutls 1.7.18

  • Gnutls 1.7.19

  • Gnutls 1.7.2

  • Gnutls 1.7.3

  • Gnutls 1.7.4

  • Gnutls 1.7.5

  • Gnutls 1.7.6

  • Gnutls 1.7.7

  • Gnutls 1.7.8

  • Gnutls 1.7.9

  • Gnutls 2.0.0

  • Gnutls 2.0.1

  • Gnutls 2.0.2

  • Gnutls 2.0.3

  • Gnutls 2.0.4

  • Gnutls 2.1.0

  • Gnutls 2.1.1

  • Gnutls 2.1.2

  • Gnutls 2.1.3

  • Gnutls 2.1.4

  • Gnutls 2.1.5

  • Gnutls 2.1.6

  • Gnutls 2.1.7

  • Gnutls 2.1.8

  • Gnutls 2.2.0

  • Gnutls 2.2.1

  • Gnutls 2.2.2

  • Gnutls 2.2.3

  • Gnutls 2.2.4

  • Gnutls 2.2.5

  • Gnutls 2.3.0

  • Gnutls 2.3.1

  • Gnutls 2.3.10

  • Gnutls 2.3.11

  • Gnutls 2.3.2

  • Gnutls 2.3.3

  • Gnutls 2.3.4

  • Gnutls 2.3.5

  • Gnutls 2.3.6

  • Gnutls 2.3.7

  • Gnutls 2.3.8

  • Gnutls 2.3.9


References

CERT-VN - VU#111034

BID - 29292

MLIST - [oss-security] 20080520 Re: CVE ID request: GNUTLS

CONFIRM - https://issues.rpath.com/browse/RPL-2552

XF - gnutls-gnutlsservernamerecvparams-bo(42532)

VUPEN - ADV-2008-1583

VUPEN - ADV-2008-1582

BUGTRAQ - 20080520 Vulnerability Advisory on GnuTLS

REDHAT - RHSA-2008:0492

REDHAT - RHSA-2008:0489

MISC - http://www.cert.fi/haavoittuvuudet/advisory-gnutls.html

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0174

SREASON - 3902

SECUNIA - 31939

SECUNIA - 30355

SUSE - SUSE-SA:2008:046

MLIST - [gnutls-devel] 20080519 GnuTLS 2.2.5 - Brown paper bag release

MLIST - [gnutls-devel] 20080519 Re: GnuTLS 2.2.4 - Security release [GNUTLS-SA-2008-1]

MLIST - [gnutls-devel] 20080519 GnuTLS 2.2.4 - Security release [GNUTLS-SA-2008-1]

CONFIRM - http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=bc8102405fda11ea00ca3b42acc4f4bce9d6e97b

FEDORA - FEDORA-2008-4274

FEDORA - FEDORA-2008-4259

FEDORA - FEDORA-2008-4183

UBUNTU - USN-613-1

SECTRACK - 1020057

BUGTRAQ - 20080522 rPSA-2008-0174-1 gnutls

MANDRIVA - MDVSA-2008:106

DEBIAN - DSA-1581

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=600646&group_id=21558

GENTOO - GLSA-200805-20

SECUNIA - 30338

SECUNIA - 30331

SECUNIA - 30330

SECUNIA - 30324

SECUNIA - 30317

SECUNIA - 30302

SECUNIA - 30287

Related Patches

Novell SUSE 2008:5601 gnutls security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:47:42