GLSA-200905-04 : GnuTLS: Multiple vulnerabilities

high Nessus Plugin ID 38885

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200905-04 (GnuTLS: Multiple vulnerabilities)

The following vulnerabilities were found in GnuTLS:
Miroslav Kratochvil reported that lib/pk-libgcrypt.c does not properly handle corrupt DSA signatures, possibly leading to a double-free vulnerability (CVE-2009-1415).
Simon Josefsson reported that GnuTLS generates RSA keys stored in DSA structures when creating a DSA key (CVE-2009-1416).
Romain Francoise reported that the _gnutls_x509_verify_certificate() function in lib/x509/verify.c does not perform time checks, resulting in the 'gnutls-cli' program accepting X.509 certificates with validity times in the past or future (CVE-2009-1417).
Impact :

A remote attacker could entice a user or automated system to process a specially crafted DSA certificate, possibly resulting in a Denial of Service condition. NOTE: This issue might have other unspecified impact including the execution of arbitrary code. Furthermore, a remote attacker could spoof signatures on certificates and the 'gnutls-cli' application can be tricked into accepting an invalid certificate.
Workaround :

There is no known workaround at this time.

Solution

All GnuTLS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/gnutls-2.6.6'

See Also

https://security.gentoo.org/glsa/200905-04

Plugin Details

Severity: High

ID: 38885

File Name: gentoo_GLSA-200905-04.nasl

Version: 1.15

Type: local

Published: 5/26/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:gnutls, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/24/2009

Reference Information

CVE: CVE-2009-1415, CVE-2009-1416, CVE-2009-1417

CWE: 255, 310

GLSA: 200905-04