Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0282

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-0282
Last Modified 11 May 2015 10:02:20
Published 24 Mar 2015 01:59:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0282

Summary

GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

Vulnerable Systems

Application

  • Gnutls 3.0.9


References

CONFIRM - http://www.gnutls.org/security.html

DEBIAN - DSA-3191

SECTRACK - 1032148


Last Updated: 27 May 2016 11:08:12