Vulnerabilities > CVE-2014-3468 - Incorrect Calculation of Buffer Size vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

Vulnerable Configurations

Part Description Count
Application
Gnu
375
Application
Redhat
1
OS
Redhat
24
OS
Debian
1
OS
Suse
7
OS
F5
6
Hardware
F5
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-77.NASL
    descriptionSeveral vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial of service via out-of-bounds access or NULL pointer dereference. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-03-26
    plugin id82222
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82222
    titleDebian DLA-77-1 : libtasn1-3 security update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBTASN1-140717.NASL
    descriptionlibtasn1 has been updated to fix three security issues : - asn1_get_bit_der() could have returned negative bit length. (CVE-2014-3468) - Multiple boundary check issues could have allowed DoS. (CVE-2014-3467) - Possible DoS by NULL pointer dereference in asn1_read_value_type (CVE-2014-3469)
    last seen2020-06-05
    modified2014-07-24
    plugin id76755
    published2014-07-24
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76755
    titleSuSE 11.3 Security Update : libtasn1 (SAT Patch Number 9528)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_GNUTLS_20141120.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. (CVE-2014-3465) - Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. (CVE-2014-3466) - Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnutTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 data. (CVE-2014-3467) - The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. (CVE-2014-3468) - The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. (CVE-2014-3469)
    last seen2020-06-01
    modified2020-06-02
    plugin id80632
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80632
    titleOracle Solaris Third-Party Patch Update : gnutls (multiple_vulnerabilities_in_gnutls)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3056.NASL
    descriptionSeveral vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.
    last seen2020-03-17
    modified2014-10-27
    plugin id78681
    published2014-10-27
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78681
    titleDebian DSA-3056-1 : libtasn1-3 - security update
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0596.NASL
    descriptionUpdated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74311
    published2014-06-05
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74311
    titleCentOS 6 : libtasn1 (CESA-2014:0596)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2294-1.NASL
    descriptionIt was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. (CVE-2014-3467) It was discovered that Libtasn1 incorrectly handled negative bit lengths. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-3468) It was discovered that Libtasn1 incorrectly handled certain ASN.1 data. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. (CVE-2014-3469). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id76704
    published2014-07-23
    reporterUbuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76704
    titleUbuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : libtasn1-3, libtasn1-6 vulnerabilities (USN-2294-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-6895.NASL
    descriptionnew upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-06-05
    plugin id74317
    published2014-06-05
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74317
    titleFedora 20 : libtasn1-3.6-1.fc20 (2014-6895)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0596.NASL
    descriptionUpdated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74303
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74303
    titleRHEL 6 : libtasn1 (RHSA-2014:0596)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-116.NASL
    descriptionUpdated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash (CVE-2014-3467). It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte (CVE-2014-3468). A NULL pointer dereference flaw was found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id82369
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82369
    titleMandriva Linux Security Advisory : libtasn1 (MDVSA-2015:116)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140603_LIBTASN1_ON_SL6_X.NASL
    descriptionIt was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-03-18
    modified2014-06-04
    plugin id74307
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74307
    titleScientific Linux Security Update : libtasn1 on SL6.x i386/x86_64 (20140603)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2014-156-02.NASL
    descriptionNew libtasn1 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id74330
    published2014-06-06
    reporterThis script is Copyright (C) 2014 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74330
    titleSlackware 14.0 / 14.1 / current : libtasn1 (SSA:2014-156-02)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2014-156-01.NASL
    descriptionNew gnutls packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id74329
    published2014-06-06
    reporterThis script is Copyright (C) 2014 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74329
    titleSlackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : gnutls (SSA:2014-156-01)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0594.NASL
    descriptionFrom Red Hat Security Advisory 2014:0594 : Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74296
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74296
    titleOracle Linux 5 : gnutls (ELSA-2014-0594)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_GNUTLS-140603.NASL
    descriptionGnuTLS has been patched to ensure proper parsing of session ids during the TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have been fixed. Further information is available at http://www.gnutls.org/security.html#GNUTLS-SA-2014-3 These security issues have been fixed : - Possible memory corruption during connect. (CVE-2014-3466) - Multiple boundary check issues could allow DoS. (CVE-2014-3467) - asn1_get_bit_der() can return negative bit length. (CVE-2014-3468) - Possible DoS by NULL pointer dereference (CVE-2014-3469)
    last seen2020-06-05
    modified2014-06-05
    plugin id74321
    published2014-06-05
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74321
    titleSuSE 11.3 Security Update : gnutls (SAT Patch Number 9320)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201408-09.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201408-09 (GNU Libtasn1: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GNU Libtasn1. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id77453
    published2014-08-30
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77453
    titleGLSA-201408-09 : GNU Libtasn1: Multiple vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2014-359.NASL
    descriptionIt was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id78302
    published2014-10-12
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78302
    titleAmazon Linux AMI : libtasn1 (ALAS-2014-359)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140603_GNUTLS_ON_SL5_X.NASL
    descriptionA flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-03-18
    modified2014-06-04
    plugin id74305
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74305
    titleScientific Linux Security Update : gnutls on SL5.x i386/x86_64 (20140603)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-107.NASL
    descriptionUpdated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash (CVE-2014-3467). It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte (CVE-2014-3468). A NULL pointer dereference flaw was found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74416
    published2014-06-10
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74416
    titleMandriva Linux Security Advisory : libtasn1 (MDVSA-2014:107)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0687.NASL
    descriptionUpdated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id76896
    published2014-07-30
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76896
    titleRHEL 7 : libtasn1 (RHSA-2014:0687)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0596.NASL
    descriptionFrom Red Hat Security Advisory 2014:0596 : Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74298
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74298
    titleOracle Linux 6 : libtasn1 (ELSA-2014-0596)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_LIBTASN1_20140715.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. (CVE-2014-3468) - The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. (CVE-2014-3469)
    last seen2020-06-01
    modified2020-06-02
    plugin id80678
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80678
    titleOracle Solaris Third-Party Patch Update : libtasn1 (multiple_vulnerabilities_in_gnu_libtasn1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0815.NASL
    descriptionAn updated rhev-hypervisor6 package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id79108
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79108
    titleRHEL 6 : rhev-hypervisor6 (RHSA-2014:0815)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-6919.NASL
    descriptionnew upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-06-10
    plugin id74407
    published2014-06-10
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74407
    titleFedora 19 : libtasn1-3.6-1.fc19 (2014-6919)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0687.NASL
    descriptionFrom Red Hat Security Advisory 2014:0687 : Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id76734
    published2014-07-24
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76734
    titleOracle Linux 7 : libtasn1 (ELSA-2014-0687)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0594.NASL
    descriptionUpdated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74309
    published2014-06-05
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74309
    titleCentOS 5 : gnutls (CESA-2014:0594)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0594.NASL
    descriptionUpdated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1
    last seen2020-06-01
    modified2020-06-02
    plugin id74301
    published2014-06-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74301
    titleRHEL 5 : gnutls (RHSA-2014:0594)

Redhat

advisories
  • rhsa
    idRHSA-2014:0594
  • rhsa
    idRHSA-2014:0596
  • rhsa
    idRHSA-2014:0687
  • rhsa
    idRHSA-2014:0815
rpms
  • gnutls-0:1.4.1-16.el5_10
  • gnutls-debuginfo-0:1.4.1-16.el5_10
  • gnutls-devel-0:1.4.1-16.el5_10
  • gnutls-utils-0:1.4.1-16.el5_10
  • libtasn1-0:2.3-6.el6_5
  • libtasn1-debuginfo-0:2.3-6.el6_5
  • libtasn1-devel-0:2.3-6.el6_5
  • libtasn1-tools-0:2.3-6.el6_5
  • libtasn1-0:3.3-5.el7_0
  • libtasn1-debuginfo-0:3.3-5.el7_0
  • libtasn1-devel-0:3.3-5.el7_0
  • libtasn1-tools-0:3.3-5.el7_0
  • rhev-hypervisor6-0:6.5-20140624.0.el6ev