FKIE_CVE-2014-3466

Vulnerability from fkie_nvd - Published: 2014-06-03 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
References
secalert@redhat.comhttp://linux.oracle.com/errata/ELSA-2014-0594.html
secalert@redhat.comhttp://linux.oracle.com/errata/ELSA-2014-0595.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html
secalert@redhat.comhttp://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/Exploit, URL Repurposed
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0594.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0595.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0684.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0815.html
secalert@redhat.comhttp://secunia.com/advisories/58340
secalert@redhat.comhttp://secunia.com/advisories/58598
secalert@redhat.comhttp://secunia.com/advisories/58601
secalert@redhat.comhttp://secunia.com/advisories/58642
secalert@redhat.comhttp://secunia.com/advisories/59016
secalert@redhat.comhttp://secunia.com/advisories/59021
secalert@redhat.comhttp://secunia.com/advisories/59057
secalert@redhat.comhttp://secunia.com/advisories/59086
secalert@redhat.comhttp://secunia.com/advisories/59408
secalert@redhat.comhttp://secunia.com/advisories/59838
secalert@redhat.comhttp://secunia.com/advisories/60384
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21678776
secalert@redhat.comhttp://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2944
secalert@redhat.comhttp://www.gnutls.org/security.htmlVendor Advisory
secalert@redhat.comhttp://www.novell.com/support/kb/doc.php?id=7015302
secalert@redhat.comhttp://www.novell.com/support/kb/doc.php?id=7015303
secalert@redhat.comhttp://www.securityfocus.com/bid/67741
secalert@redhat.comhttp://www.securitytracker.com/id/1030314
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2229-1
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1101932
secalert@redhat.comhttps://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfdExploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-0594.html
af854a3a-2127-422b-91ae-364da2661108http://linux.oracle.com/errata/ELSA-2014-0595.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/Exploit, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0594.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0595.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0684.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0815.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58340
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58598
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58601
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58642
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59016
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59021
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59057
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59086
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59408
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59838
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60384
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21678776
af854a3a-2127-422b-91ae-364da2661108http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2944
af854a3a-2127-422b-91ae-364da2661108http://www.gnutls.org/security.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015302
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015303
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/67741
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030314
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2229-1
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1101932
af854a3a-2127-422b-91ae-364da2661108https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfdExploit, Patch
Impacted products
Vendor Product Version
gnu gnutls 3.3.0
gnu gnutls 3.3.0
gnu gnutls 3.3.1
gnu gnutls 3.3.2
gnu gnutls 3.3.3
gnu gnutls *
gnu gnutls 3.1.0
gnu gnutls 3.1.1
gnu gnutls 3.1.2
gnu gnutls 3.1.3
gnu gnutls 3.1.4
gnu gnutls 3.1.5
gnu gnutls 3.1.6
gnu gnutls 3.1.7
gnu gnutls 3.1.8
gnu gnutls 3.1.9
gnu gnutls 3.1.10
gnu gnutls 3.1.11
gnu gnutls 3.1.12
gnu gnutls 3.1.13
gnu gnutls 3.1.14
gnu gnutls 3.1.15
gnu gnutls 3.1.16
gnu gnutls 3.1.17
gnu gnutls 3.1.18
gnu gnutls 3.1.19
gnu gnutls 3.1.20
gnu gnutls 3.1.21
gnu gnutls 3.1.22
gnu gnutls 3.1.23
gnu gnutls 3.2.0
gnu gnutls 3.2.1
gnu gnutls 3.2.2
gnu gnutls 3.2.3
gnu gnutls 3.2.4
gnu gnutls 3.2.5
gnu gnutls 3.2.6
gnu gnutls 3.2.7
gnu gnutls 3.2.8
gnu gnutls 3.2.8.1
gnu gnutls 3.2.9
gnu gnutls 3.2.10
gnu gnutls 3.2.11
gnu gnutls 3.2.12
gnu gnutls 3.2.12.1
gnu gnutls 3.2.13
gnu gnutls 3.2.14
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "BE31FE31-3F85-41F3-9DCB-58A090E63DEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.3.0:pre0:*:*:*:*:*:*",
              "matchCriteriaId": "18A0842D-2CAC-4372-80D0-68BCCC28C7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A91948CE-E418-4450-AB62-9078D3A0FBEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D34267DC-A768-4A0F-BB54-74314B70E4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "160B3AD7-37A3-4A01-B1CD-83E6500E145A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B744589A-9113-4CA1-AEDC-364251547524",
              "versionEndIncluding": "3.1.24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D91451B0-301B-430D-9D77-00F4AE91C10A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6917AC57-F49D-4EFC-920C-CCAFDF6174B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7ACCE21-A19D-4BE5-9BED-30C5A7418719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "344CCDAD-64EC-419C-995B-51F922AB9E39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DB8FC4-F84A-47FD-9586-CF02761152A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1B43AF4-E52B-46EA-81CF-D4DCAE82E7DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D57BDDEB-090D-472C-9FB6-4555429860E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB23D13-94D2-4FAE-AB76-8574E35E02AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45B0F5E-B4E1-471E-8CDD-85E09837839F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F430F4C6-A738-4E02-BE76-041F71335E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F272E2DC-7E54-4034-B7BA-30966D57CDFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "64EE97BB-D0EE-444A-96FA-D127892216F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB28F388-DE19-4C25-A838-949CA926C31A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "33DCAA09-7E8C-4C3E-901F-641681AA9E3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "435C588C-A478-4FB8-A47D-2605CB39C331",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDDABF3-ECA6-433E-A7D6-8E13F0C6433B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0142E0D7-85DD-413B-B176-2FB5E12C2FE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "780D6C0C-2B20-425E-B15E-EE1AF9F28B31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC2D3896-E095-4889-A9D1-6D8EB2882D64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CCDF3A-BEAB-4DA2-A15A-A855FFFD415A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "425F7D5B-EE8A-46EC-B986-414FB90702C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BC83E92-882B-4984-80FC-FAB7F5CD52E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AFAAACF-FD4A-4B1C-A35A-E11189DE2F85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "A62B585C-2FC8-448F-97E7-CAC59548B03A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "827A375E-8045-4A81-AB7C-11A89E862518",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC1076D-2249-406B-9D43-B24764BBE007",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F039CD91-0FF6-4640-B981-20A3F9384A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8008DADD-DB6C-4C67-B333-0DC4C7152B2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9E811B-4EED-4B6A-8836-5405F7F5A53D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "567E66B1-53D9-4A80-A938-2FE5C7CEB985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2186BE-288F-40FD-B634-76D14578E252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "773043EA-8C41-4F42-9702-660FD6822FD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "37E05061-D666-492E-AF2B-CF30FC2FA759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A22BC2E4-A2A5-4637-A9B9-9E68FC982BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "68DF059C-4C1D-4B9C-993E-1C4D3510471C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E9A21B6-4A22-4801-8023-45F39EC02576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA5F76C-3524-4E80-985F-FC74DD20B5E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB890F0-3126-4FDD-8162-AC28754D3D05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "35CAA298-D755-4668-A568-439532DF7A0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "13B53422-C666-4140-BF8A-EEDB8AC95A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:gnutls:3.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B1861D-61C3-469E-B37F-B76758626BCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en la funci\u00f3n read_server_hello en lib/gnutls_handshake.c en GnuTLS anterior a 3.1.25, 3.2.x anterior a 3.2.15 y 3.3.x anterior a 3.3.4 permite a servidores remotos causar una denegaci\u00f3n de servicio (consumo de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una sesi\u00f3n id larga en un mensaje ServerHello."
    }
  ],
  "id": "CVE-2014-3466",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-03T14:55:10.257",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://linux.oracle.com/errata/ELSA-2014-0594.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://linux.oracle.com/errata/ELSA-2014-0595.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0594.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0595.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0684.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0815.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58340"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58598"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58601"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58642"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59016"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59021"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59057"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59086"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59408"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59838"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/60384"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678776"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2014/dsa-2944"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.gnutls.org/security.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015302"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015303"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/67741"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1030314"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2229-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101932"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.oracle.com/errata/ELSA-2014-0594.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.oracle.com/errata/ELSA-2014-0595.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0594.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0595.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0684.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0815.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58598"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-2944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.gnutls.org/security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/67741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2229-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.