Vulnerabilities > CVE-2004-2531 - Denial Of Service vulnerability in GNU Gnutls 1.0.16
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://lists.gnupg.org/pipermail/gnutls-dev/2004-August/000703.html
- http://secunia.com/advisories/12156
- http://securitytracker.com/id?1010838
- http://www.hornik.sk/SA/SA-20040802.txt
- http://www.osvdb.org/8278
- http://www.securityfocus.com/bid/10839
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16858