Test ID:	1.3.6.1.4.1.25623.1.0.54936
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200505-04 (GnuTLS)
Summary:	The remote host is missing updates announced in;advisory GLSA 200505-04.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200505-04. Vulnerability Insight: The GnuTLS library is vulnerable to Denial of Service attacks. Solution: All GnuTLS users should remove the existing installation and upgrade to the latest version: # emerge --sync # emerge --unmerge gnutls # emerge --ask --oneshot --verbose net-libs/gnutls Due to small API changes with the previous version, please do the following to ensure your applications are using the latest GnuTLS that you just emerged. # revdep-rebuild --soname-regexp libgnutls.so.1[01] Previously exported RSA keys can be fixed by executing the following command on the key files: # certtool -k infile outfile CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1431 BugTraq ID: 13477 http://www.securityfocus.com/bid/13477 http://lists.gnupg.org/pipermail/gnutls-dev/2005-April/000858.html http://www.osvdb.org/16054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9238 http://www.redhat.com/support/errata/RHSA-2005-430.html http://securitytracker.com/id?1013861 http://secunia.com/advisories/15193 XForce ISS Database: gnutls-record-parsing-dos(20328) https://exchange.xforce.ibmcloud.com/vulnerabilities/20328
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.