This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gnu First view 2004-12-31
Product Gnutls Last view 2020-09-04
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:* 40
cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:* 39
cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:* 38
cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:* 37
cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:* 37
cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:* 37
cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:* 37
cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:* 37

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2020-09-04 CVE-2020-24659

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.

7.4 2020-06-04 CVE-2020-13777

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.

7.4 2020-04-03 CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.

7.5 2020-01-27 CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

5.9 2019-12-20 CVE-2015-8313

GnuTLS incorrectly validates the first byte of padding in CBC modes

7.5 2019-04-01 CVE-2019-3836

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

7.5 2019-03-27 CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

5.6 2018-12-03 CVE-2018-16868

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.

5.6 2018-08-22 CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.

5.9 2018-08-22 CVE-2018-10845

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.

5.9 2018-08-22 CVE-2018-10844

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.

7.5 2017-08-08 CVE-2016-4456

The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem.

7.5 2017-06-16 CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application.

7.5 2017-04-14 CVE-2017-7869

GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.

9.8 2017-03-24 CVE-2017-5337

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.

9.8 2017-03-24 CVE-2017-5336

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.

7.5 2017-03-24 CVE-2017-5335

The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.

9.8 2017-03-24 CVE-2017-5334

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

7.5 2016-09-27 CVE-2016-7444

The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by gnutls_malloc.

7.5 2015-09-02 CVE-2015-3308

Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

5 2015-08-24 CVE-2015-6251

Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.

4.3 2015-08-14 CVE-2014-8155

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is (1) not yet valid or (2) no longer valid.

5 2015-03-24 CVE-2015-0282

GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.

5 2014-11-13 CVE-2014-8564

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.

5 2014-06-10 CVE-2014-3465

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.

CWE : Common Weakness Enumeration

%idName
24% (12) CWE-310 Cryptographic Issues
14% (7) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (5) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
10% (5) CWE-189 Numeric Errors
6% (3) CWE-264 Permissions, Privileges, and Access Controls
4% (2) CWE-787 Out-of-bounds Write
4% (2) CWE-476 NULL Pointer Dereference
4% (2) CWE-415 Double Free
4% (2) CWE-255 Credentials Management
4% (2) CWE-20 Improper Input Validation
2% (1) CWE-416 Use After Free
2% (1) CWE-399 Resource Management Errors
2% (1) CWE-295 Certificate Issues
2% (1) CWE-287 Improper Authentication
2% (1) CWE-203 Information Exposure Through Discrepancy
2% (1) CWE-125 Out-of-bounds Read
2% (1) CWE-17 Code

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-68 Subvert Code-signing Facilities

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:9238 The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 ...
oval:org.mitre.oval:def:9937 verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does ...
oval:org.mitre.oval:def:10935 The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libg...
oval:org.mitre.oval:def:9519 The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls i...
oval:org.mitre.oval:def:7887 DSA-1581 gnutls13 -- several vulnerabilities
oval:org.mitre.oval:def:19997 DSA-1581-1 gnutls13 - potential code execution
oval:org.mitre.oval:def:17521 USN-613-1 -- gnutls12, gnutls13 vulnerabilities
oval:org.mitre.oval:def:11393 Integer signedness error in the _gnutls_ciphertext2compressed function in lib...
oval:org.mitre.oval:def:22264 ELSA-2008:0489: gnutls security update (Critical)
oval:org.mitre.oval:def:7938 DSA-1719 gnutls13 -- design flaw
oval:org.mitre.oval:def:17875 USN-678-1 -- gnutls12, gnutls13, gnutls26 vulnerability
oval:org.mitre.oval:def:17801 USN-678-2 -- gnutls12, gnutls13, gnutls26 regression
oval:org.mitre.oval:def:13825 USN-809-1 -- gnutls12, gnutls13, gnutls26 vulnerabilities
oval:org.mitre.oval:def:13629 DSA-1719-2 gnutls13, gnutls26 -- design flaw
oval:org.mitre.oval:def:12790 DSA-1719-1 gnutls13 -- design flaw
oval:org.mitre.oval:def:11650 The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutl...
oval:org.mitre.oval:def:22750 ELSA-2008:0982: gnutls security update (Moderate)
oval:org.mitre.oval:def:29020 RHSA-2008:0982 -- gnutls security update (Moderate)
oval:org.mitre.oval:def:8409 VMware GnuTLS vulnerability
oval:org.mitre.oval:def:8289 DSA-1935 gnutls13 gnutls26 -- several vulnerabilities
oval:org.mitre.oval:def:20167 DSA-1935-1 gnutls13 gnutls26 - SSL certificate
oval:org.mitre.oval:def:10778 libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in...
oval:org.mitre.oval:def:22748 ELSA-2009:1232: gnutls security update (Moderate)
oval:org.mitre.oval:def:29281 RHSA-2009:1232 -- gnutls security update (Moderate)
oval:org.mitre.oval:def:8535 HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service ...

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78228 GnuTLS DTLS CBC Mode Plaintext Information Disclosure
77832 Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
76961 GnuTLS lib/gnutls_session.c gnutls_session_get_data() Function Server Connect...
75622 Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74335 Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
71961 Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
71951 Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620 mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055 Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561 IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032 Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029 HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66315 HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202 OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection
64890 GnuTLS lib/gnutls_algorithms.c _gnutls_x509_oid2mac_algorithm Function Crafte...
64725 HP System Management Homepage (SMH) TLS Renegotiation Handshakes MiTM Plainte...
64499 ArubaOS HTTPS WebUI Admin Interface TLS Renegotiation Handshakes MiTM Plainte...
64040 IBM DB2 TLS Renegotiation Handshakes MiTM Plaintext Data Injection
63304 GnuTLS Library gnutls_x509_crt_get_serial Function Crafted X.509 Certificate ...
62877 SSH Tectia Audit Player TLS Renegotiation Handshakes MiTM Plaintext Data Inje...
62536 Blue Coat Products TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62273 Opera TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62210 Aruba Mobility Controller TLS Renegotiation Handshakes MiTM Plaintext Data In...
62135 Network Security Services (NSS) TLS Renegotiation Handshakes MiTM Plaintext D...
62064 IBM Java TLS Renegotiation Handshakes MiTM Plaintext Data Injection

ExploitDB Exploits

id Description
32965 GnuTLS 2.6.x libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing
32964 GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS
24865 GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS
10579 TLS Renegotiation Vulnerability PoC Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-12 (libtasn1)
File : nvt/glsa_201209_12.nasl
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30 Name : Fedora Update for libtasn1 FEDORA-2012-4357
File : nvt/gb_fedora_2012_4357_libtasn1_fc17.nasl
2012-08-30 Name : Fedora Update for mingw-gnutls FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-gnutls_fc17.nasl
2012-08-30 Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-libtasn1_fc17.nasl
2012-08-30 Name : Fedora Update for mingw-p11-kit FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-p11-kit_fc17.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-08-03 Name : Mandriva Update for libtasn1 MDVSA-2012:039 (libtasn1)
File : nvt/gb_mandriva_MDVSA_2012_039.nasl
2012-08-03 Name : Mandriva Update for gnutls MDVSA-2012:040 (gnutls)
File : nvt/gb_mandriva_MDVSA_2012_040.nasl
2012-08-03 Name : Mandriva Update for gnutls MDVSA-2012:045 (gnutls)
File : nvt/gb_mandriva_MDVSA_2012_045.nasl
2012-07-30 Name : CentOS Update for libtasn1 CESA-2012:0427 centos6
File : nvt/gb_CESA-2012_0427_libtasn1_centos6.nasl
2012-07-30 Name : CentOS Update for gnutls CESA-2012:0428 centos5
File : nvt/gb_CESA-2012_0428_gnutls_centos5.nasl
2012-07-30 Name : CentOS Update for gnutls CESA-2012:0429 centos6
File : nvt/gb_CESA-2012_0429_gnutls_centos6.nasl
2012-07-09 Name : RedHat Update for libtasn1 RHSA-2012:0427-01
File : nvt/gb_RHSA-2012_0427-01_libtasn1.nasl
2012-07-09 Name : RedHat Update for gnutls RHSA-2012:0429-01
File : nvt/gb_RHSA-2012_0429-01_gnutls.nasl
2012-05-04 Name : Ubuntu Update for libtasn1-3 USN-1436-1
File : nvt/gb_ubuntu_USN_1436_1.nasl
2012-04-30 Name : Debian Security Advisory DSA 2440-1 (libtasn1-3)
File : nvt/deb_2440_1.nasl
2012-04-30 Name : Debian Security Advisory DSA 2441-1 (gnutls26)
File : nvt/deb_2441_1.nasl
2012-04-30 Name : FreeBSD Ports: gnutls
File : nvt/freebsd_gnutls7.nasl
2012-04-30 Name : FreeBSD Ports: libtasn1
File : nvt/freebsd_libtasn1.nasl
2012-04-30 Name : Gentoo Security Advisory GLSA 201203-22 (nginx)
File : nvt/glsa_201203_22.nasl
2012-04-13 Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4417
File : nvt/gb_fedora_2012_4417_mingw-libtasn1_fc15.nasl
2012-04-13 Name : Fedora Update for mingw32-gnutls FEDORA-2012-4417
File : nvt/gb_fedora_2012_4417_mingw32-gnutls_fc15.nasl
2012-04-11 Name : Fedora Update for libtasn1 FEDORA-2012-4308
File : nvt/gb_fedora_2012_4308_libtasn1_fc15.nasl
2012-04-11 Name : Fedora Update for libtasn1 FEDORA-2012-4342
File : nvt/gb_fedora_2012_4342_libtasn1_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0148 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0033794
2012-B-0048 Multiple Vulnerabilities in HP Systems Insight Manager
Severity: Category I - VMSKEY: V0032178
2012-B-0038 Multiple Vulnerabilities in HP Onboard Administrator
Severity: Category I - VMSKEY: V0031972
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158

Snort® IPS/IDS

Date Description
2019-09-10 GnuTLS x509 certificate validation policy bypass attempt
RuleID : 50946 - Type : SERVER-OTHER - Revision : 1
2015-03-31 GnuTLS TLSA record heap buffer overflow attempt
RuleID : 33596 - Type : SERVER-OTHER - Revision : 2
2015-03-31 GnuTLS TLSA record heap buffer overflow attempt
RuleID : 33595 - Type : SERVER-OTHER - Revision : 2
2014-07-05 GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31179 - Type : SERVER-OTHER - Revision : 5
2014-07-05 GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31178 - Type : SERVER-OTHER - Revision : 5
2014-07-05 GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31177 - Type : SERVER-OTHER - Revision : 5
2014-07-05 GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31176 - Type : SERVER-OTHER - Revision : 4
2014-01-10 Free Software Foundation GnuTLS record application integer overflow attempt
RuleID : 24996 - Type : SERVER-OTHER - Revision : 3
2014-01-10 Free Software Foundation GnuTLS record application integer overflow attempt
RuleID : 24995 - Type : SERVER-OTHER - Revision : 6

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2019-1a0d4443f8.nasl - Type: ACT_GATHER_INFO
2019-01-14 Name: The remote Fedora host is missing a security update.
File: fedora_2019-99eefddc65.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Fedora host is missing a security update.
File: fedora_2019-24dc022a51.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1005.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-79f7540a1e.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1444.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3050.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1120.nasl - Type: ACT_GATHER_INFO
2018-12-06 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-339-01.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Debian host is missing a security update.
File: debian_DLA-1560.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0015.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0016.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0038.nasl - Type: ACT_GATHER_INFO
2018-04-03 Name: The remote web server may allow remote code execution.
File: iis_7_pci.nasl - Type: ACT_GATHER_INFO
2018-03-09 Name: The remote web server is affected by multiple vulnerabilities.
File: nginx_0_7_64.nasl - Type: ACT_GATHER_INFO
2017-11-17 Name: The remote host is affected by a MITM vulnerability.
File: fortios_FG-IR-17-137.nasl - Type: ACT_GATHER_INFO
2017-10-16 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201710-15.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1203.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1204.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-2292.nasl - Type: ACT_GATHER_INFO
2017-08-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170801_gnutls_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-2292.nasl - Type: ACT_GATHER_INFO
2017-08-02 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2292.nasl - Type: ACT_GATHER_INFO
2017-07-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-7936341c80.nasl - Type: ACT_GATHER_INFO
2017-07-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-f0d48eabe6.nasl - Type: ACT_GATHER_INFO