This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:gnu:gnutls:2.3.1
Detail
VendorGnuFirst view 2008-05-21
ProductGnutlsLast view2017-06-16
Version2.3.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:gnu:gnutls

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52017-06-16CVE-2017-7507NetworkLowNone Requ...
52017-04-14CVE-2017-7869NetworkLowNone Requ...
7.52017-03-24CVE-2017-5337NetworkLowNone Requ...
7.52017-03-24CVE-2017-5336NetworkLowNone Requ...
52017-03-24CVE-2017-5335NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52017-03-24CVE-2017-5334NetworkLowNone Requ...
52016-09-27CVE-2016-7444NetworkLowNone Requ...
7.52015-09-02CVE-2015-3308NetworkLowNone Requ...
4.32015-08-14CVE-2014-8155NetworkMediumNone Requ...
52015-03-24CVE-2015-0282NetworkLowNone Requ...
6.82014-06-03CVE-2014-3466NetworkMediumNone Requ...
5.82014-03-06CVE-2014-1959NetworkMediumNone Requ...
5.82014-03-06CVE-2014-0092NetworkMediumNone Requ...
5.82014-03-06CVE-2009-5138NetworkMediumNone Requ...
42013-02-08CVE-2013-1619NetworkHighNone Requ...
52012-03-26CVE-2012-1573NetworkLowNone Requ...
52012-03-26CVE-2012-1569NetworkLowNone Requ...
7.52012-03-13CVE-2012-1663NetworkLowNone Requ...
4.32012-01-05CVE-2012-0390NetworkMediumNone Requ...
5.82009-11-09CVE-2009-3555NetworkMediumNone Requ...
7.52009-08-12CVE-2009-2730NetworkLowNone Requ...
5.12009-07-30CVE-2009-2409NetworkHighNone Requ...
52009-04-30CVE-2009-1417NetworkLowNone Requ...
4.32009-04-30CVE-2009-1415NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (9)CWE-310Cryptographic Issues
11% (3)CWE-264Permissions, Privileges, and Access Controls
11% (3)CWE-189Numeric Errors
11% (3)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (2)CWE-255Credentials Management
Hide | Show 7 More...
%idName
3% (1)CWE-787Out-of-bounds Write
3% (1)CWE-476NULL Pointer Dereference
3% (1)CWE-415Double Free
3% (1)CWE-399Resource Management Errors
3% (1)CWE-287Improper Authentication
3% (1)CWE-125Out-of-bounds Read
3% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:20768RHSA-2013:0588: gnutls security update (Moderate)
oval:org.mitre.oval:def:18268USN-1752-1 -- gnutls13, gnutls26 vulnerability
oval:org.mitre.oval:def:23912ELSA-2013:0588: gnutls security update (Moderate)
oval:org.mitre.oval:def:22495DEPRECATED: ELSA-2013:0588: gnutls security update (Moderate)
oval:org.mitre.oval:def:25893SUSE-SU-2013:0731-1 -- Security update for GnuTLS
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:25546SUSE-SU-2014:0322-1 -- Security update for gnutls
oval:org.mitre.oval:def:27581DEPRECATED: ELSA-2013-0588 -- gnutls security update (moderate)
oval:org.mitre.oval:def:25580SUSE-SU-2014:0323-1 -- Security update for gnutls
oval:org.mitre.oval:def:25394SUSE-SU-2014:0321-1 -- Security update for gnutls
oval:org.mitre.oval:def:25237SUSE-SU-2014:0319-1 -- Security update for gnutls
oval:org.mitre.oval:def:26408DEPRECATED: ELSA-2014-0247 -- gnutls security update (important)
oval:org.mitre.oval:def:8594VMware Network Security Services (NSS) certificate spoofing vulnerability by ...
oval:org.mitre.oval:def:8111DSA-1874 nss -- several vulnerabilities
oval:org.mitre.oval:def:7155VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR.
oval:org.mitre.oval:def:6631Network Security Services Library Supports Certificates With Weak MD2 Hash Si...
oval:org.mitre.oval:def:13850USN-810-1 -- nss vulnerabilities
oval:org.mitre.oval:def:13780USN-810-2 -- nspr update
oval:org.mitre.oval:def:13737DSA-1874-1 nss -- several
oval:org.mitre.oval:def:13409USN-830-1 -- openssl vulnerability
oval:org.mitre.oval:def:10763The Network Security Services (NSS) library before 3.12.3, as used in Firefox...
oval:org.mitre.oval:def:22412ELSA-2009:1186: nspr and nss security, bug fix, and enhancement update (Criti...
oval:org.mitre.oval:def:25180Vulnerability in OpenSSL 0.9.8 through 0.9.8k, might allow remote attackers t...
oval:org.mitre.oval:def:28253DEPRECATED: ELSA-2010-0054 -- openssl security update (moderate)
oval:org.mitre.oval:def:29169RHSA-2009:1186 -- nspr and nss security, bug fix, and enhancement update (Cri...
oval:org.mitre.oval:def:29071USN-810-3 -- NSS regression

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78228GnuTLS DTLS CBC Mode Plaintext Information Disclosure
77832Parallels Plesk Panel Billing System TLS Renegotiation Handshakes MiTM Plaint...
75622Blue Coat Director TLS Renegotiation Handshakes MiTM Plaintext Data Injection
74335Hitachi Web Server TLS Renegotiation Handshakes MiTM Plaintext Data Injection
71961Oracle Fusion Middleware Oracle WebLogic Server TLS Renegotiation Handshakes ...
Hide | Show 20 More...
idDescription
71951Oracle Multiple Products Oracle Security Service TLS Renegotiation Handshakes...
70620mGuard TLS Renegotiation Handshakes MiTM Plaintext Data Injection
70055Oracle Supply Chain Transportation Management TLS Renegotiation Handshakes Mi...
69561IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Handshake MiTM Plaintex...
69032Oracle Java SE / Java for Business TLS Renegotiation Handshake MiTM Plaintext...
67029HP Threat Management Services zl Module TLS Renegotiation Handshakes MiTM Pla...
66315HP Insight Manager TLS Renegotiation Handshakes MiTM Plaintext Data Injection
65202OpenOffice.org (OOo) TLS Renegotiation Handshakes MiTM Plaintext Data Injection
64725HP System Management Homepage (SMH) TLS Renegotiation Handshakes MiTM Plainte...
64499ArubaOS HTTPS WebUI Admin Interface TLS Renegotiation Handshakes MiTM Plainte...
64040IBM DB2 TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62877SSH Tectia Audit Player TLS Renegotiation Handshakes MiTM Plaintext Data Inje...
62536Blue Coat Products TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62273Opera TLS Renegotiation Handshakes MiTM Plaintext Data Injection
62210Aruba Mobility Controller TLS Renegotiation Handshakes MiTM Plaintext Data In...
62135Network Security Services (NSS) TLS Renegotiation Handshakes MiTM Plaintext D...
62064IBM Java TLS Renegotiation Handshakes MiTM Plaintext Data Injection
61929IBM WebSphere Application Server TLS Renegotiation Handshakes MiTM Plaintext ...
61785Avaya Products Multiple Product TLS Renegotiation Handshakes MiTM Plaintext D...
61784Sun Java System Multiple Product TLS Renegotiation Handshakes MiTM Plaintext ...

ExploitDB Exploits

idDescription
32964GnuTLS 2.6.x libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS
24865GnuTLS libgnutls Double-free Certificate List Parsing Remote DoS
10579TLS Renegotiation Vulnerability PoC Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-09-26Name : Gentoo Security Advisory GLSA 201209-12 (libtasn1)
File : nvt/glsa_201209_12.nasl
2012-08-31Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-30Name : Fedora Update for libtasn1 FEDORA-2012-4357
File : nvt/gb_fedora_2012_4357_libtasn1_fc17.nasl
2012-08-30Name : Fedora Update for mingw-gnutls FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-gnutls_fc17.nasl
2012-08-30Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-libtasn1_fc17.nasl
Hide | Show 20 More...
idDescription
2012-08-30Name : Fedora Update for mingw-p11-kit FEDORA-2012-4451
File : nvt/gb_fedora_2012_4451_mingw-p11-kit_fc17.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-18 (GnuTLS)
File : nvt/glsa_201206_18.nasl
2012-08-03Name : Mandriva Update for libtasn1 MDVSA-2012:039 (libtasn1)
File : nvt/gb_mandriva_MDVSA_2012_039.nasl
2012-08-03Name : Mandriva Update for gnutls MDVSA-2012:040 (gnutls)
File : nvt/gb_mandriva_MDVSA_2012_040.nasl
2012-07-30Name : CentOS Update for libtasn1 CESA-2012:0427 centos6
File : nvt/gb_CESA-2012_0427_libtasn1_centos6.nasl
2012-07-30Name : CentOS Update for gnutls CESA-2012:0428 centos5
File : nvt/gb_CESA-2012_0428_gnutls_centos5.nasl
2012-07-30Name : CentOS Update for gnutls CESA-2012:0429 centos6
File : nvt/gb_CESA-2012_0429_gnutls_centos6.nasl
2012-07-09Name : RedHat Update for libtasn1 RHSA-2012:0427-01
File : nvt/gb_RHSA-2012_0427-01_libtasn1.nasl
2012-07-09Name : RedHat Update for gnutls RHSA-2012:0429-01
File : nvt/gb_RHSA-2012_0429-01_gnutls.nasl
2012-05-04Name : Ubuntu Update for libtasn1-3 USN-1436-1
File : nvt/gb_ubuntu_USN_1436_1.nasl
2012-04-30Name : FreeBSD Ports: gnutls
File : nvt/freebsd_gnutls7.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-22 (nginx)
File : nvt/glsa_201203_22.nasl
2012-04-30Name : Debian Security Advisory DSA 2440-1 (libtasn1-3)
File : nvt/deb_2440_1.nasl
2012-04-30Name : Debian Security Advisory DSA 2441-1 (gnutls26)
File : nvt/deb_2441_1.nasl
2012-04-30Name : FreeBSD Ports: libtasn1
File : nvt/freebsd_libtasn1.nasl
2012-04-16Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2012-04-13Name : Fedora Update for mingw-libtasn1 FEDORA-2012-4417
File : nvt/gb_fedora_2012_4417_mingw-libtasn1_fc15.nasl
2012-04-13Name : Fedora Update for mingw32-gnutls FEDORA-2012-4417
File : nvt/gb_fedora_2012_4417_mingw32-gnutls_fc15.nasl
2012-04-11Name : Fedora Update for libtasn1 FEDORA-2012-4308
File : nvt/gb_fedora_2012_4308_libtasn1_fc15.nasl
2012-04-11Name : Fedora Update for libtasn1 FEDORA-2012-4342
File : nvt/gb_fedora_2012_4342_libtasn1_fc16.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0153Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-A-0148Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0033794
2012-B-0048Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2012-B-0038Multiple Vulnerabilities in HP Onboard Administrator
Severity : Category I - VMSKEY : V0031972
2011-A-0066Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0027158

Snort® IPS/IDS

DateDescription
2014-07-05GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31179 - Type : SERVER-OTHER - Revision : 5
2014-07-05GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31178 - Type : SERVER-OTHER - Revision : 5
2014-07-05GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31177 - Type : SERVER-OTHER - Revision : 5
2014-07-05GnuTLS Server Hello Session ID heap overflow attempt
RuleID : 31176 - Type : SERVER-OTHER - Revision : 4
2014-01-10Free Software Foundation GnuTLS record application integer overflow attempt
RuleID : 24996 - Type : SERVER-OTHER - Revision : 3
Hide | Show 1 More...
DateDescription
2014-01-10Free Software Foundation GnuTLS record application integer overflow attempt
RuleID : 24995 - Type : SERVER-OTHER - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0015.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0016.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0038.nasl - Type : ACT_GATHER_INFO
2018-04-03Name : The remote web server may allow remote code execution.
File : iis_7_pci.nasl - Type : ACT_GATHER_INFO
2018-03-09Name : The remote web server is affected by multiple vulnerabilities.
File : nginx_0_7_64.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-11-17Name : The remote host is affected by a MITM vulnerability.
File : fortios_FG-IR-17-137.nasl - Type : ACT_GATHER_INFO
2017-10-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201710-15.nasl - Type : ACT_GATHER_INFO
2017-09-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1203.nasl - Type : ACT_GATHER_INFO
2017-09-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1204.nasl - Type : ACT_GATHER_INFO
2017-08-25Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-2292.nasl - Type : ACT_GATHER_INFO
2017-08-22Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170801_gnutls_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-08-09Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-2292.nasl - Type : ACT_GATHER_INFO
2017-08-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2292.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-824.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-1886-1.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-7936341c80.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-f0d48eabe6.nasl - Type : ACT_GATHER_INFO
2017-07-12Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-1838-1.nasl - Type : ACT_GATHER_INFO
2017-07-10Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2017-1115.nasl - Type : ACT_GATHER_INFO
2017-06-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3884.nasl - Type : ACT_GATHER_INFO
2017-06-14Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3318-1.nasl - Type : ACT_GATHER_INFO
2017-06-12Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2017-1111.nasl - Type : ACT_GATHER_INFO
2017-06-12Name : The remote Fedora host is missing a security update.
File : fedora_2017-f646217583.nasl - Type : ACT_GATHER_INFO
2017-04-18Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-815.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170321_gnutls_on_SL6_x.nasl - Type : ACT_GATHER_INFO