oval:org.mitre.oval:def:7887
Definition Id: oval:org.mitre.oval:def:7887 | |||
Oval ID: | oval:org.mitre.oval:def:7887 | ||
Title: | DSA-1581 gnutls13 -- several vulnerabilities | ||
Description: | Several remote vulnerabilities have been discovered in GNUTLS, an implementation of the SSL/TLS protocol suite. NOTE: The libgnutls13 package, which provides the GNUTLS library, does not contain logic to automatically restart potentially affected services. You must restart affected services manually (mainly Exim, using /etc/init.d/exim4 restart) after applying the update, to make the changes fully effective. Alternatively, you can reboot the system. The Common Vulnerabilities and Exposures project identifies the following problems: A pre-authentication heap overflow involving oversized session resumption data may lead to arbitrary code execution. Repeated client hellos may result in a pre-authentication denial of service condition due to a null pointer dereference. Decoding cipher padding with an invalid record length may cause GNUTLS to read memory beyond the end of the received record, leading to a pre-authentication denial of service condition. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1581 CVE-2008-1948 CVE-2008-1949 CVE-2008-1950 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gnutls13 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6461 | |||
Oval ID: | oval:org.mitre.oval:def:6461 | ||
Title: | Debian GNU/Linux 4.0 is installed. | ||
Description: | Debian GNU/Linux 4.0 (etch) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:4.0 | Version: | 9 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7887 |