CVE-2008-1948
Published: 21 May 2008
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
gnutls12 Launchpad, Ubuntu, Debian |
dapper |
Released
(1.2.9-2ubuntu1.2)
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
gnutls13 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Released
(1.4.4-3ubuntu0.1)
|
|
| gutsy |
Released
(1.6.3-1ubuntu0.1)
|
|
| hardy |
Released
(2.0.4-1ubuntu2.1)
|
|
| upstream |
Needs triage
|
|
|
gnutls26 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Does not exist
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| upstream |
Released
(2.2.5)
|