6.8

CVE-2014-3466

Exploit
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGnutls Version3.3.0 Update-
GnuGnutls Version3.3.0 Updatepre0
GnuGnutls Version3.3.1
GnuGnutls Version3.3.2
GnuGnutls Version3.3.3
GnuGnutls Version <= 3.1.24
GnuGnutls Version3.1.0
GnuGnutls Version3.1.1
GnuGnutls Version3.1.2
GnuGnutls Version3.1.3
GnuGnutls Version3.1.4
GnuGnutls Version3.1.5
GnuGnutls Version3.1.6
GnuGnutls Version3.1.7
GnuGnutls Version3.1.8
GnuGnutls Version3.1.9
GnuGnutls Version3.1.10
GnuGnutls Version3.1.11
GnuGnutls Version3.1.12
GnuGnutls Version3.1.13
GnuGnutls Version3.1.14
GnuGnutls Version3.1.15
GnuGnutls Version3.1.16
GnuGnutls Version3.1.17
GnuGnutls Version3.1.18
GnuGnutls Version3.1.19
GnuGnutls Version3.1.20
GnuGnutls Version3.1.21
GnuGnutls Version3.1.22
GnuGnutls Version3.1.23
GnuGnutls Version3.2.0
GnuGnutls Version3.2.1
GnuGnutls Version3.2.2
GnuGnutls Version3.2.3
GnuGnutls Version3.2.4
GnuGnutls Version3.2.5
GnuGnutls Version3.2.6
GnuGnutls Version3.2.7
GnuGnutls Version3.2.8
GnuGnutls Version3.2.8.1
GnuGnutls Version3.2.9
GnuGnutls Version3.2.10
GnuGnutls Version3.2.11
GnuGnutls Version3.2.12
GnuGnutls Version3.2.12.1
GnuGnutls Version3.2.13
GnuGnutls Version3.2.14
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.22% 0.954
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.gnutls.org/security.html
Vendor Advisory
http://linux.oracle.com/errata/ELSA-2014-0594.html
http://linux.oracle.com/errata/ELSA-2014-0595.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html
http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/
Exploit
URL Repurposed
http://rhn.redhat.com/errata/RHSA-2014-0594.html
http://rhn.redhat.com/errata/RHSA-2014-0595.html
http://rhn.redhat.com/errata/RHSA-2014-0684.html
http://rhn.redhat.com/errata/RHSA-2014-0815.html
http://secunia.com/advisories/58340
http://secunia.com/advisories/58598
http://secunia.com/advisories/58601
http://secunia.com/advisories/58642
http://secunia.com/advisories/59016
http://secunia.com/advisories/59021
http://secunia.com/advisories/59057
http://secunia.com/advisories/59086
http://secunia.com/advisories/59408
http://secunia.com/advisories/59838
http://secunia.com/advisories/60384
http://www-01.ibm.com/support/docview.wss?uid=swg21678776
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155
http://www.debian.org/security/2014/dsa-2944
http://www.novell.com/support/kb/doc.php?id=7015302
http://www.novell.com/support/kb/doc.php?id=7015303
http://www.securityfocus.com/bid/67741
http://www.securitytracker.com/id/1030314
http://www.ubuntu.com/usn/USN-2229-1
https://bugzilla.redhat.com/show_bug.cgi?id=1101932
https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd
Patch
Exploit