oval:org.mitre.oval:def:22264

Definition Id: oval:org.mitre.oval:def:22264

Oval ID:	oval:org.mitre.oval:def:22264
Title:	ELSA-2008:0489: gnutls security update (Critical)
Description:	Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3.
Family:	unix	Class:	patch
Reference(s):	ELSA-2008:0489-01 CVE-2008-1948 CVE-2008-1949 CVE-2008-1950	Version:	17
Platform(s):	Oracle Linux 5	Product(s):	gnutls
Definition Synopsis:
Oracle Linux 5.x rpm test gnutls-utils is earlier than 0:1.4.1-3.el5_1 AND gnutls-devel is earlier than 0:1.4.1-3.el5_1 AND gnutls is earlier than 0:1.4.1-3.el5_1

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22264