English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60971
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDVSA-2008:106 (gnutls)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to gnutls
announced via advisory MDVSA-2008:106.

Flaws discovered in versions prior to 2.2.4 (stable) and 2.3.10
(development) of GnuTLS allow an attacker to cause denial of service
(application crash), and maybe (so far undetermined) execute arbitrary
code.

The updated packages have been patched to fix these flaws.

Note that any applications using this library must be restarted for
the update to take effect.

Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:106

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-1948
BugTraq ID: 29292
http://www.securityfocus.com/bid/29292
Bugtraq: 20080520 Vulnerability Advisory on GnuTLS (Google Search)
http://www.securityfocus.com/archive/1/492282/100/0/threaded
Bugtraq: 20080522 rPSA-2008-0174-1 gnutls (Google Search)
http://www.securityfocus.com/archive/1/492464/100/0/threaded
CERT/CC vulnerability note: VU#111034
http://www.kb.cert.org/vuls/id/111034
Debian Security Information: DSA-1581 (Google Search)
http://www.debian.org/security/2008/dsa-1581
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html
http://security.gentoo.org/glsa/glsa-200805-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:106
http://www.cert.fi/haavoittuvuudet/advisory-gnutls.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html
http://www.openwall.com/lists/oss-security/2008/05/20/1
http://www.openwall.com/lists/oss-security/2008/05/20/2
http://www.openwall.com/lists/oss-security/2008/05/20/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10935
http://www.redhat.com/support/errata/RHSA-2008-0489.html
http://www.redhat.com/support/errata/RHSA-2008-0492.html
http://www.securitytracker.com/id?1020057
http://secunia.com/advisories/30287
http://secunia.com/advisories/30302
http://secunia.com/advisories/30317
http://secunia.com/advisories/30324
http://secunia.com/advisories/30330
http://secunia.com/advisories/30331
http://secunia.com/advisories/30338
http://secunia.com/advisories/30355
http://secunia.com/advisories/31939
http://securityreason.com/securityalert/3902
SuSE Security Announcement: SUSE-SA:2008:046 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html
http://www.ubuntu.com/usn/usn-613-1
http://www.vupen.com/english/advisories/2008/1582/references
http://www.vupen.com/english/advisories/2008/1583/references
XForce ISS Database: gnutls-gnutlsservernamerecvparams-bo(42532)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42532
Common Vulnerability Exposure (CVE) ID: CVE-2008-1949
CERT/CC vulnerability note: VU#252626
http://www.kb.cert.org/vuls/id/252626
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519
http://www.securitytracker.com/id?1020058
XForce ISS Database: gnutls-gnutlsrecvclientkxmessage-bo(42530)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42530
Common Vulnerability Exposure (CVE) ID: CVE-2008-1950
CERT/CC vulnerability note: VU#659209
http://www.kb.cert.org/vuls/id/659209
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11393
http://www.securitytracker.com/id?1020059
XForce ISS Database: gnutls-gnutlsciphertext2compressed-bo(42533)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42533
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.