Description:
The remote host is missing updates announced in advisory SUSE-SA:2008:046.
Multiple security issues have been fixed in crypto framework gnutls:
CVE-2008-1948 (GNUTLS-SA-2008-1-1): The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function.
CVE-2008-1949 (GNUTLS-SA-2008-1-2): The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages.
CVE-2008-1950 (GNUTLS-SA-2008-1-3): Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length.
openSUSE 11.0 was already shipped with fixed gnutls packages.
Solution: Update your system with the packages as indicated in the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2008:046
Risk factor: Critical
CVSS Score: 10.0