English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.61461
Category:Slackware Local Security Checks
Title:Slackware: Security Advisory (SSA:2008-180-01)
Summary:The remote host is missing an update for the 'gnutls' package(s) announced via the SSA:2008-180-01 advisory.
Description:Summary:
The remote host is missing an update for the 'gnutls' package(s) announced via the SSA:2008-180-01 advisory.

Vulnerability Insight:
New gnutls packages are available for Slackware 12.0, 12.1, and -current to
fix security issues.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[links moved to references]


Here are the details from the Slackware 12.1 ChangeLog:
+--------------------------+
patches/packages/gnutls-2.2.5-i486-1_slack12.1.tgz:
Upgraded to GnuTLS version 2.2.5.
This updated package fixes bugs which can lead to a denial of service
(DoS) in programs linked with GnuTLS. Thanks to Ossi Herrala and
Jukka Taimisto from the CROSS project at Codenomicon Ltd. for finding
and reporting the problems, and to Simon Josefsson and
Nikos Mavrogiannopoulos for researching the issues and developing
patches, and to Andreas Metzler for noting and reporting a problem with
one of the original patches.
For more information about the issues patched, please refer to:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'gnutls' package(s) on Slackware 12.0, Slackware 12.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-1948
BugTraq ID: 29292
http://www.securityfocus.com/bid/29292
Bugtraq: 20080520 Vulnerability Advisory on GnuTLS (Google Search)
http://www.securityfocus.com/archive/1/492282/100/0/threaded
Bugtraq: 20080522 rPSA-2008-0174-1 gnutls (Google Search)
http://www.securityfocus.com/archive/1/492464/100/0/threaded
CERT/CC vulnerability note: VU#111034
http://www.kb.cert.org/vuls/id/111034
Debian Security Information: DSA-1581 (Google Search)
http://www.debian.org/security/2008/dsa-1581
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00487.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00590.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00615.html
http://security.gentoo.org/glsa/glsa-200805-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:106
http://www.cert.fi/haavoittuvuudet/advisory-gnutls.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00051.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00060.html
http://lists.gnu.org/archive/html/gnutls-devel/2008-05/msg00055.html
http://www.openwall.com/lists/oss-security/2008/05/20/1
http://www.openwall.com/lists/oss-security/2008/05/20/2
http://www.openwall.com/lists/oss-security/2008/05/20/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10935
http://www.redhat.com/support/errata/RHSA-2008-0489.html
http://www.redhat.com/support/errata/RHSA-2008-0492.html
http://www.securitytracker.com/id?1020057
http://secunia.com/advisories/30287
http://secunia.com/advisories/30302
http://secunia.com/advisories/30317
http://secunia.com/advisories/30324
http://secunia.com/advisories/30330
http://secunia.com/advisories/30331
http://secunia.com/advisories/30338
http://secunia.com/advisories/30355
http://secunia.com/advisories/31939
http://securityreason.com/securityalert/3902
SuSE Security Announcement: SUSE-SA:2008:046 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00003.html
http://www.ubuntu.com/usn/usn-613-1
http://www.vupen.com/english/advisories/2008/1582/references
http://www.vupen.com/english/advisories/2008/1583/references
XForce ISS Database: gnutls-gnutlsservernamerecvparams-bo(42532)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42532
Common Vulnerability Exposure (CVE) ID: CVE-2008-1949
CERT/CC vulnerability note: VU#252626
http://www.kb.cert.org/vuls/id/252626
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9519
http://www.securitytracker.com/id?1020058
XForce ISS Database: gnutls-gnutlsrecvclientkxmessage-bo(42530)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42530
Common Vulnerability Exposure (CVE) ID: CVE-2008-1950
CERT/CC vulnerability note: VU#659209
http://www.kb.cert.org/vuls/id/659209
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11393
http://www.securitytracker.com/id?1020059
XForce ISS Database: gnutls-gnutlsciphertext2compressed-bo(42533)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42533
CopyrightCopyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.