 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2024.0089 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2024-0089) |
| Zusammenfassung: | The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2024-0089 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the MGASA-2024-0089 advisory. Vulnerability Insight: The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. (CVE-2024-28834) A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the 'certtool --verify-chain' command. (CVE-2024-28835) Affected Software/OS: 'gnutls' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:N/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-28834 RHBZ#2269228 https://bugzilla.redhat.com/show_bug.cgi?id=2269228 RHSA-2024:1784 https://access.redhat.com/errata/RHSA-2024:1784 RHSA-2024:1879 https://access.redhat.com/errata/RHSA-2024:1879 RHSA-2024:1997 https://access.redhat.com/errata/RHSA-2024:1997 RHSA-2024:2044 https://access.redhat.com/errata/RHSA-2024:2044 RHSA-2024:2570 https://access.redhat.com/errata/RHSA-2024:2570 RHSA-2024:2889 https://access.redhat.com/errata/RHSA-2024:2889 http://www.openwall.com/lists/oss-security/2024/03/22/1 http://www.openwall.com/lists/oss-security/2024/03/22/2 https://access.redhat.com/security/cve/CVE-2024-28834 https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html https://minerva.crocs.fi.muni.cz/ https://people.redhat.com/~hkario/marvin/ Common Vulnerability Exposure (CVE) ID: CVE-2024-28835 RHBZ#2269084 https://bugzilla.redhat.com/show_bug.cgi?id=2269084 https://access.redhat.com/security/cve/CVE-2024-28835 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |