|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2697-1 (gnutls26 - out-of-bounds array read)|
|Summary:||It was discovered that a malicious client could crash a GNUTLS server;and vice versa, by sending TLS records encrypted with a block cipher;which contain invalid padding.;;The oldstable distribution (squeeze) is not affected because the;security fix that introduced this vulnerability was not applied to it.|
It was discovered that a malicious client could crash a GNUTLS server
and vice versa, by sending TLS records encrypted with a block cipher
which contain invalid padding.
The oldstable distribution (squeeze) is not affected because the
security fix that introduced this vulnerability was not applied to it.
gnutls26 on Debian Linux
For the stable distribution (wheezy), this problem has been fixed in
For the unstable distribution (sid), this problem has been fixed in
We recommend that you upgrade your gnutls26 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2013-2116|
Debian Security Information: DSA-2697 (Google Search)
RedHat Security Advisories: RHSA-2013:0883
SuSE Security Announcement: SUSE-SU-2013:1060 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0322 (Google Search)
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.