oval:org.mitre.oval:def:22264
Definition Id: oval:org.mitre.oval:def:22264 | |||
Oval ID: | oval:org.mitre.oval:def:22264 | ||
Title: | ELSA-2008:0489: gnutls security update (Critical) | ||
Description: | Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0489-01 CVE-2008-1948 CVE-2008-1949 CVE-2008-1950 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | gnutls |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15459 | |||
Oval ID: | oval:org.mitre.oval:def:15459 | ||
Title: | Oracle Linux 5.x | ||
Description: | The operating system installed on the system is Oracle Linux 5.x | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:oracle:linux:5 | Version: | 7 |
Platform(s): | Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:22264 |