Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 5.8
CVE Id CVE-2014-1959
Last Modified 16 Mar 2014 12:45:38
Published 06 Mar 2014 07:10:57
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1959

Summary

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging an X.509 V1 certificate from a trusted CA to issue new certificates.

Vulnerable Systems

Application

  • GnuTLS 3.1.0
  • GnuTLS 3.1.1
  • GnuTLS 3.1.10
  • GnuTLS 3.1.11
  • GnuTLS 3.1.12
  • GnuTLS 3.1.13
  • GnuTLS 3.1.14
  • GnuTLS 3.1.15
  • GnuTLS 3.1.16
  • GnuTLS 3.1.17
  • GnuTLS 3.1.18
  • GnuTLS 3.1.19
  • GnuTLS 3.1.2
  • GnuTLS 3.1.20
  • GnuTLS 3.1.3
  • GnuTLS 3.1.4
  • GnuTLS 3.1.5
  • GnuTLS 3.1.6
  • GnuTLS 3.1.7
  • GnuTLS 3.1.8
  • GnuTLS 3.1.9
  • GnuTLS 3.2.0
  • GnuTLS 3.2.1
  • GnuTLS 3.2.10
  • GnuTLS 3.2.2
  • GnuTLS 3.2.3
  • GnuTLS 3.2.4
  • GnuTLS 3.2.5
  • GnuTLS 3.2.6
  • GnuTLS 3.2.7
  • GnuTLS 3.2.8
  • GnuTLS 3.2.8.1
  • GnuTLS 3.2.9

References

CONFIRM - https://www.gitorious.org/gnutls/gnutls/commit/b1abfe3d182d68539900092eb42fc62cf1bb7e7c

CONFIRM - http://www.gnutls.org/security.html

DEBIAN - DSA-2866

MLIST - [oss-security] 20140213 Re: CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)

MLIST - [oss-security] 20140213 CVE Request - GnuTLS corrects flaw in certificate verification (3.1.x/3.2.x)

UBUNTU - USN-2121-1


Last Updated: 27 May 2016 11:04:35