Download
| Alert*
oval:org.secpod.oval:def:704620
libgnutls28-dev is installed oval:org.secpod.oval:def:64152 A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to b ... oval:org.secpod.oval:def:707656 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:82610 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:604802 A flaw was reported in the DTLS protocol implementation in GnuTLS, a library implementing the TLS and SSL protocols. The DTLS client would not contribute any randomness to the DTLS negotiation, breaking the security guarantees of the DTLS protocol. oval:org.secpod.oval:def:1901741 invalid pointer access upon receiving async handshake messages oval:org.secpod.oval:def:1901747 critical use after free vulnerability in verify_crt oval:org.secpod.oval:def:1900113 A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade an ... oval:org.secpod.oval:def:2001094 A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade an ... oval:org.secpod.oval:def:1900101 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of tilibming-dev data using crafted packets. oval:org.secpod.oval:def:1900122 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of tilibming-dev data using crafted packets. oval:org.secpod.oval:def:1900160 A cache-based side channel in GnuTLS implementation that leads to plaintext recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets. oval:org.secpod.oval:def:89477 gnutls28: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:89350 Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library. oval:org.secpod.oval:def:96460 gnutls28: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:708607 gnutls28: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:708713 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:98670 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:708877 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:99589 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:99101 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:99584 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:98218 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:98764 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. |