GNUTLS 3.1.x/3.2.x Denial of service

Posted on 25 October 2013

GNUTLS just posted a security adivsory which needs a CVE: http://www.gnutls.org/security.html#GNUTLS-SA-2013-3 GNUTLS-SA-2013-3 Denial of service This vulnerability affects the DANE library of gnutls 3.1.x and gnutls 3.2.x. A server that returns more 4 DANE entries could corrupt the memory of a requesting client. Recommendation: Upgrade to the latest gnutls version (3.1.15 or 3.2.5) Commit for 3.1: https://gitorious.org/gnutls/gnutls/commit/916deedf41604270ac398314809e8377476433db Commit for 3.2: https://gitorious.org/gnutls/gnutls/commit/ed51e5e53cfbab3103d6b7b85b7ba4515e4f30c3 Ciao, Marcus

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20