oval:org.mitre.oval:def:7887
| Definition Id: oval:org.mitre.oval:def:7887 | |||
| Oval ID: | oval:org.mitre.oval:def:7887 | ||
| Title: | DSA-1581 gnutls13 -- several vulnerabilities | ||
| Description: | Several remote vulnerabilities have been discovered in GNUTLS, an implementation of the SSL/TLS protocol suite. NOTE: The libgnutls13 package, which provides the GNUTLS library, does not contain logic to automatically restart potentially affected services. You must restart affected services manually (mainly Exim, using /etc/init.d/exim4 restart) after applying the update, to make the changes fully effective. Alternatively, you can reboot the system. The Common Vulnerabilities and Exposures project identifies the following problems: A pre-authentication heap overflow involving oversized session resumption data may lead to arbitrary code execution. Repeated client hellos may result in a pre-authentication denial of service condition due to a null pointer dereference. Decoding cipher padding with an invalid record length may cause GNUTLS to read memory beyond the end of the received record, leading to a pre-authentication denial of service condition. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1581 CVE-2008-1948 CVE-2008-1949 CVE-2008-1950 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gnutls13 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6461 | |||
| Oval ID: | oval:org.mitre.oval:def:6461 | ||
| Title: | Debian GNU/Linux 4.0 is installed. | ||
| Description: | Debian GNU/Linux 4.0 (etch) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux:4.0 | Version: | 9 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:7887 | |||
