Test ID:	1.3.6.1.4.1.25623.1.0.72031
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2012:045 (gnutls)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to gnutls announced via advisory MDVSA-2012:045. A vulnerability has been found and corrected in GnuTLS: Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket (CVE-2011-4128). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:045 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4128 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:045 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5596 http://openwall.com/lists/oss-security/2011/11/09/2 http://openwall.com/lists/oss-security/2011/11/09/4 RedHat Security Advisories: RHSA-2012:0429 http://rhn.redhat.com/errata/RHSA-2012-0429.html RedHat Security Advisories: RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html RedHat Security Advisories: RHSA-2012:0531 http://rhn.redhat.com/errata/RHSA-2012-0531.html http://secunia.com/advisories/48596 http://secunia.com/advisories/48712 http://www.ubuntu.com/usn/USN-1418-1
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.