Vulnerabilities > CVE-2014-0092 - Cryptographic Issues vulnerability in GNU Gnutls
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS11_GNUTLS_20140915.NASL description The remote Solaris system is missing necessary patches to address security updates : - lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. (CVE-2014-0092) last seen 2020-06-01 modified 2020-06-02 plugin id 80631 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80631 title Oracle Solaris Third-Party Patch Update : gnutls (cve_2014_0092_cryptographic_issues) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0288.NASL description Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.3, 5.6 and 6.2 Long Life, and Red Hat Enterprise Linux 5.9, 6.3 and 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) This issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 79001 published 2014-11-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79001 title RHEL 4 / 5 / 6 : gnutls (RHSA-2014:0288) NASL family Scientific Linux Local Security Checks NASL id SL_20140303_GNUTLS_ON_SL5_X.NASL description It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way GnuTLS handled version 1 X.509 certificates. An attacker able to obtain a version 1 certificate from a trusted certificate authority could use this flaw to issue certificates for other sites that would be accepted by GnuTLS as valid. (CVE-2009-5138) For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-03-18 modified 2014-03-04 plugin id 72795 published 2014-03-04 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72795 title Scientific Linux Security Update : gnutls on SL5.x i386/x86_64 (20140303) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2869.NASL description Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported sucessfully even in cases were an error would prevent all verification steps to be performed. An attacker doing a man-in-the-middle of a TLS connection could use this vulnerability to present a carefully crafted certificate that would be accepted by GnuTLS as valid even if not signed by one of the trusted authorities. last seen 2020-03-17 modified 2014-03-04 plugin id 72782 published 2014-03-04 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72782 title Debian DSA-2869-1 : gnutls26 - incorrect certificate verification NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-301.NASL description It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) last seen 2020-06-01 modified 2020-06-02 plugin id 72949 published 2014-03-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72949 title Amazon Linux AMI : gnutls (ALAS-2014-301) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-183.NASL description The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not. last seen 2020-06-05 modified 2014-06-13 plugin id 75276 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75276 title openSUSE Security Update : gnutls (openSUSE-SU-2014:0328-1) NASL family Fedora Local Security Checks NASL id FEDORA_2014-3363.NASL description fixes CVE-2014-0092 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-07 plugin id 72868 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72868 title Fedora 19 : gnutls-3.1.20-4.fc19 (2014-3363) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F645AA90A3E811E3A4223C970E169BC2.NASL description GnuTLS project reports : A vulnerability was discovered that affects the certificate verification functions of all gnutls versions. A specially crafted certificate could bypass certificate validation checks. The vulnerability was discovered during an audit of GnuTLS for Red Hat. Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 2.11.5 and later versions. A version 1 intermediate certificate will be considered as a CA certificate by default (something that deviates from the documented behavior). last seen 2020-06-01 modified 2020-06-02 plugin id 72808 published 2014-03-05 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72808 title FreeBSD : gnutls -- multiple certificate verification issues (f645aa90-a3e8-11e3-a422-3c970e169bc2) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0247.NASL description Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way GnuTLS handled version 1 X.509 certificates. An attacker able to obtain a version 1 certificate from a trusted certificate authority could use this flaw to issue certificates for other sites that would be accepted by GnuTLS as valid. (CVE-2009-5138) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72804 published 2014-03-05 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72804 title CentOS 5 : gnutls (CESA-2014:0247) NASL family Fedora Local Security Checks NASL id FEDORA_2014-3454.NASL description Version 3.1.22 (released 2014-03-03) - libgnutls: Corrected certificate verification issue (GNUTLS-SA-2014-2) - libgnutls: Corrected issue in gnutls_pcert_list_import_x509_raw when provided with invalid data. Reported by Dmitriy Anisimkov. - libgnutls: Corrected timeout issue in subsequent to the first DTLS handshakes. - libgnutls: Removed unconditional not-trusted message in gnutls_certificate_verification_status_print() when used with OpenPGP certificates. Reported by Michel Briand. - libgnutls: All ciphersuites that were available in TLS1.0 or later are now made available in SSL3.0 or later to prevent any incompatibilities with servers that negotiate them in SSL 3.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-17 plugin id 73036 published 2014-03-17 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73036 title Fedora 20 : mingw-gnutls-3.1.22-1.fc20 (2014-3454) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0246.NASL description Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72793 published 2014-03-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72793 title RHEL 6 : gnutls (RHSA-2014:0246) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0339.NASL description An updated rhev-hypervisor6 package that fixes multiple security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. (CVE-2014-0055) A heap-based buffer overflow flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 79003 published 2014-11-08 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79003 title RHEL 6 : rhev-hypervisor6 (RHSA-2014:0339) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-181.NASL description The gnutls library was updated to fixed x509 certificate validation problems, where man-in-the-middle attackers could hijack SSL connections. This update also reenables Elliptic Curve support to meet current day cryptographic requirements. last seen 2020-06-05 modified 2014-06-13 plugin id 75274 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75274 title openSUSE Security Update : gnutls (openSUSE-SU-2014:0325-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0247.NASL description From Red Hat Security Advisory 2014:0247 : Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way GnuTLS handled version 1 X.509 certificates. An attacker able to obtain a version 1 certificate from a trusted certificate authority could use this flaw to issue certificates for other sites that would be accepted by GnuTLS as valid. (CVE-2009-5138) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72792 published 2014-03-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72792 title Oracle Linux 5 : gnutls (ELSA-2014-0247) NASL family Fedora Local Security Checks NASL id FEDORA_2014-3413.NASL description Added fix for CVE-2014-0092 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-07 plugin id 72869 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72869 title Fedora 20 : gnutls-3.1.20-4.fc20 (2014-3413) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0247.NASL description Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) A flaw was found in the way GnuTLS handled version 1 X.509 certificates. An attacker able to obtain a version 1 certificate from a trusted certificate authority could use this flaw to issue certificates for other sites that would be accepted by GnuTLS as valid. (CVE-2009-5138) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72794 published 2014-03-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72794 title RHEL 5 : gnutls (RHSA-2014:0247) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201406-09.NASL description The remote host is affected by the vulnerability described in GLSA-201406-09 (GnuTLS: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could utilize multiple vectors to spoof arbitrary SSL servers via a crafted certificate, execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 76061 published 2014-06-16 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76061 title GLSA-201406-09 : GnuTLS: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2014-0321-1.NASL description The GnuTLS library received a critical security fix and other updates : - CVE-2014-0092: The X.509 certificate verification had incorrect error handling, which could lead to broken certificates marked as being valid. - CVE-2009-5138: A verification problem in handling V1 certificates could also lead to V1 certificates incorrectly being handled. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2015-05-20 plugin id 83612 published 2015-05-20 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/83612 title SUSE SLES10 Security Update : gnutls (SUSE-SU-2014:0321-1) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-072.NASL description Updated gnutls packages fix security vulnerabilities : Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default (something that deviates from the documented behavior) (CVE-2014-1959). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker (CVE-2014-0092). A NULL pointer dereference flaw was discovered in GnuTLS last seen 2020-06-01 modified 2020-06-02 plugin id 82325 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82325 title Mandriva Linux Security Advisory : gnutls (MDVSA-2015:072) NASL family Scientific Linux Local Security Checks NASL id SL_20140303_GNUTLS_ON_SL6_X.NASL description It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-03-18 modified 2014-03-04 plugin id 72796 published 2014-03-04 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72796 title Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20140303) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0246.NASL description From Red Hat Security Advisory 2014:0246 : Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72791 published 2014-03-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72791 title Oracle Linux 6 : gnutls (ELSA-2014-0246) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2014-062-01.NASL description New gnutls packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 72781 published 2014-03-04 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72781 title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : gnutls (SSA:2014-062-01) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-048.NASL description Updated gnutls packages fix security vulnerability : It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker (CVE-2014-0092). last seen 2020-06-01 modified 2020-06-02 plugin id 72919 published 2014-03-11 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72919 title Mandriva Linux Security Advisory : gnutls (MDVSA-2014:048) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0246.NASL description Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) The CVE-2014-0092 issue was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team. Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. last seen 2020-06-01 modified 2020-06-02 plugin id 72803 published 2014-03-05 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72803 title CentOS 6 : gnutls (CESA-2014:0246) NASL family Fedora Local Security Checks NASL id FEDORA_2014-3493.NASL description Version 3.1.22 (released 2014-03-03) - libgnutls: Corrected certificate verification issue (GNUTLS-SA-2014-2) - libgnutls: Corrected issue in gnutls_pcert_list_import_x509_raw when provided with invalid data. Reported by Dmitriy Anisimkov. - libgnutls: Corrected timeout issue in subsequent to the first DTLS handshakes. - libgnutls: Removed unconditional not-trusted message in gnutls_certificate_verification_status_print() when used with OpenPGP certificates. Reported by Michel Briand. - libgnutls: All ciphersuites that were available in TLS1.0 or later are now made available in SSL3.0 or later to prevent any incompatibilities with servers that negotiate them in SSL 3.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-17 plugin id 73038 published 2014-03-17 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73038 title Fedora 19 : mingw-gnutls-3.1.22-1.fc19 (2014-3493) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2127-1.NASL description Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly handled certificate verification functions. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited with specially crafted certificates to view sensitive information. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2014-03-05 plugin id 72812 published 2014-03-05 reporter Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72812 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : gnutls26 vulnerability (USN-2127-1) NASL family SuSE Local Security Checks NASL id SUSE_11_GNUTLS-140227.NASL description The GnuTLS library received a critical security fix and other updates : - The X.509 certificate verification had incorrect error handling, which could lead to broken certificates marked as being valid. (CVE-2014-0092) - A verification problem in handling V1 certificates could also lead to V1 certificates incorrectly being handled. Additionally a memory leak in PSK authentication has been fixed. (bnc#835760). (CVE-2009-5138) last seen 2020-06-05 modified 2014-03-04 plugin id 72797 published 2014-03-04 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72797 title SuSE 11.3 Security Update : gnutls (SAT Patch Number 8949) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0101.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-0282 (#1198159) - fix CVE-2015-0294 (#1198159) - Corrected value initialization in mpi printing (#1129241) - Check for expiry information in the CA certificates (#1159778) - fix issue with integer padding in certificates and keys (#1036385) - fix session ID length check (#1102025) - fix CVE-2014-0092 (#1069891) - fix CVE-2013-2116 - fix DoS regression in (CVE-2013-1619) upstream patch (#966754) - fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238) last seen 2020-06-01 modified 2020-06-02 plugin id 85142 published 2015-07-31 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/85142 title OracleVM 3.3 : gnutls (OVMSA-2015-0101)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 65919 CVE(CAN) ID: CVE-2014-0092 GnuTLS是用于实现TLS加密协议的函数库。 GnuTLS 3.1.22, 3.2.12之前版本在实现上存在安全漏洞,X.509证书验证的错误处理不正确,可将故障证书标记为有效证书,这可使远程用户利用此漏洞绕过证书验证。 0 GnuTLS GnuTLS 3.2.12 GnuTLS GnuTLS 3.1.22 厂商补丁: GnuTLS ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://gnutls.org http://gnutls.org/security.html#GNUTLS-SA-2014-2 |
| id | SSV:61641 |
| last seen | 2017-11-19 |
| modified | 2014-03-05 |
| published | 2014-03-05 |
| reporter | Root |
| title | GnuTLS证书验证安全限制绕过漏洞 |
References
- http://gnutls.org/security.html#GNUTLS-SA-2014-2
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00020.html
- http://rhn.redhat.com/errata/RHSA-2014-0246.html
- http://rhn.redhat.com/errata/RHSA-2014-0247.html
- http://rhn.redhat.com/errata/RHSA-2014-0288.html
- http://rhn.redhat.com/errata/RHSA-2014-0339.html
- http://secunia.com/advisories/56933
- http://secunia.com/advisories/57103
- http://secunia.com/advisories/57204
- http://secunia.com/advisories/57254
- http://secunia.com/advisories/57260
- http://secunia.com/advisories/57274
- http://secunia.com/advisories/57321
- http://www.debian.org/security/2014/dsa-2869
- http://www.securityfocus.com/bid/65919
- http://www.ubuntu.com/usn/USN-2127-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1069865