Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
Astra Linux SE 1.5
Astra Linux SE 1.6
Astra Linux SE 1.7
Astra Linux SE 1.8
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:ru.altx-soft.nix:def:57765
[Eng]
Version
5
Class
vulnerability
ALTXid
228341
Language
Russian
Severity
Medium
Title
Ubuntu -- уязвимость в gnutls26 (CVE-2014-3466)
Description
В продукте gnutls26 обнаружена уязвимость CVE-2014-3466.
Family
unix
Platform
Linux Mint 17
Ubuntu 10.04
Ubuntu 12.04
Ubuntu 13.10
Ubuntu 14.04
Product
gnutls26
Reference
FSTEC: BDU:2015-09761
FSTEC: BDU:2015-09761
Id:
BDU:2015-09761
Reference:
https://bdu.fstec.ru/vul/2015-09761
FSTEC: BDU:2015-09121
FSTEC: BDU:2015-09121
Id:
BDU:2015-09121
Reference:
https://bdu.fstec.ru/vul/2015-09121
FSTEC: BDU:2015-09120
FSTEC: BDU:2015-09120
Id:
BDU:2015-09120
Reference:
https://bdu.fstec.ru/vul/2015-09120
FSTEC: BDU:2015-09119
FSTEC: BDU:2015-09119
Id:
BDU:2015-09119
Reference:
https://bdu.fstec.ru/vul/2015-09119
FSTEC: BDU:2015-09118
FSTEC: BDU:2015-09118
Id:
BDU:2015-09118
Reference:
https://bdu.fstec.ru/vul/2015-09118
FSTEC: BDU:2015-09117
FSTEC: BDU:2015-09117
Id:
BDU:2015-09117
Reference:
https://bdu.fstec.ru/vul/2015-09117
FSTEC: BDU:2015-07254
FSTEC: BDU:2015-07254
Id:
BDU:2015-07254
Reference:
https://bdu.fstec.ru/vul/2015-07254
FSTEC: BDU:2015-07252
FSTEC: BDU:2015-07252
Id:
BDU:2015-07252
Reference:
https://bdu.fstec.ru/vul/2015-07252
FSTEC: BDU:2015-07250
FSTEC: BDU:2015-07250
Id:
BDU:2015-07250
Reference:
https://bdu.fstec.ru/vul/2015-07250
FSTEC: BDU:2015-07247
FSTEC: BDU:2015-07247
Id:
BDU:2015-07247
Reference:
https://bdu.fstec.ru/vul/2015-07247
FSTEC: BDU:2015-07242
FSTEC: BDU:2015-07242
Id:
BDU:2015-07242
Reference:
https://bdu.fstec.ru/vul/2015-07242
FSTEC: BDU:2015-05946
FSTEC: BDU:2015-05946
Id:
BDU:2015-05946
Reference:
https://bdu.fstec.ru/vul/2015-05946
FSTEC: BDU:2015-05945
FSTEC: BDU:2015-05945
Id:
BDU:2015-05945
Reference:
https://bdu.fstec.ru/vul/2015-05945
FSTEC: BDU:2015-05944
FSTEC: BDU:2015-05944
Id:
BDU:2015-05944
Reference:
https://bdu.fstec.ru/vul/2015-05944
FSTEC: BDU:2015-05943
FSTEC: BDU:2015-05943
Id:
BDU:2015-05943
Reference:
https://bdu.fstec.ru/vul/2015-05943
FSTEC: BDU:2015-05942
FSTEC: BDU:2015-05942
Id:
BDU:2015-05942
Reference:
https://bdu.fstec.ru/vul/2015-05942
FSTEC: BDU:2015-05941
FSTEC: BDU:2015-05941
Id:
BDU:2015-05941
Reference:
https://bdu.fstec.ru/vul/2015-05941
FSTEC: BDU:2015-05940
FSTEC: BDU:2015-05940
Id:
BDU:2015-05940
Reference:
https://bdu.fstec.ru/vul/2015-05940
FSTEC: BDU:2015-05939
FSTEC: BDU:2015-05939
Id:
BDU:2015-05939
Reference:
https://bdu.fstec.ru/vul/2015-05939
FSTEC: BDU:2015-05938
FSTEC: BDU:2015-05938
Id:
BDU:2015-05938
Reference:
https://bdu.fstec.ru/vul/2015-05938
FSTEC: BDU:2015-05937
FSTEC: BDU:2015-05937
Id:
BDU:2015-05937
Reference:
https://bdu.fstec.ru/vul/2015-05937
FSTEC: BDU:2015-05936
FSTEC: BDU:2015-05936
Id:
BDU:2015-05936
Reference:
https://bdu.fstec.ru/vul/2015-05936
FSTEC: BDU:2015-05935
FSTEC: BDU:2015-05935
Id:
BDU:2015-05935
Reference:
https://bdu.fstec.ru/vul/2015-05935
FSTEC: BDU:2015-05934
FSTEC: BDU:2015-05934
Id:
BDU:2015-05934
Reference:
https://bdu.fstec.ru/vul/2015-05934
FSTEC: BDU:2015-05933
FSTEC: BDU:2015-05933
Id:
BDU:2015-05933
Reference:
https://bdu.fstec.ru/vul/2015-05933
FSTEC: BDU:2015-05932
FSTEC: BDU:2015-05932
Id:
BDU:2015-05932
Reference:
https://bdu.fstec.ru/vul/2015-05932
FSTEC: BDU:2015-05931
FSTEC: BDU:2015-05931
Id:
BDU:2015-05931
Reference:
https://bdu.fstec.ru/vul/2015-05931
FSTEC: BDU:2015-05930
FSTEC: BDU:2015-05930
Id:
BDU:2015-05930
Reference:
https://bdu.fstec.ru/vul/2015-05930
FSTEC: BDU:2015-05929
FSTEC: BDU:2015-05929
Id:
BDU:2015-05929
Reference:
https://bdu.fstec.ru/vul/2015-05929
FSTEC: BDU:2015-05928
FSTEC: BDU:2015-05928
Id:
BDU:2015-05928
Reference:
https://bdu.fstec.ru/vul/2015-05928
FSTEC: BDU:2015-05927
FSTEC: BDU:2015-05927
Id:
BDU:2015-05927
Reference:
https://bdu.fstec.ru/vul/2015-05927
FSTEC: BDU:2015-05926
FSTEC: BDU:2015-05926
Id:
BDU:2015-05926
Reference:
https://bdu.fstec.ru/vul/2015-05926
FSTEC: BDU:2015-05925
FSTEC: BDU:2015-05925
Id:
BDU:2015-05925
Reference:
https://bdu.fstec.ru/vul/2015-05925
FSTEC: BDU:2015-05924
FSTEC: BDU:2015-05924
Id:
BDU:2015-05924
Reference:
https://bdu.fstec.ru/vul/2015-05924
FSTEC: BDU:2015-05923
FSTEC: BDU:2015-05923
Id:
BDU:2015-05923
Reference:
https://bdu.fstec.ru/vul/2015-05923
FSTEC: BDU:2015-04318
FSTEC: BDU:2015-04318
Id:
BDU:2015-04318
Reference:
https://bdu.fstec.ru/vul/2015-04318
FSTEC: BDU:2015-04317
FSTEC: BDU:2015-04317
Id:
BDU:2015-04317
Reference:
https://bdu.fstec.ru/vul/2015-04317
FSTEC: BDU:2015-04316
FSTEC: BDU:2015-04316
Id:
BDU:2015-04316
Reference:
https://bdu.fstec.ru/vul/2015-04316
FSTEC: BDU:2015-04315
FSTEC: BDU:2015-04315
Id:
BDU:2015-04315
Reference:
https://bdu.fstec.ru/vul/2015-04315
FSTEC: BDU:2015-04314
FSTEC: BDU:2015-04314
Id:
BDU:2015-04314
Reference:
https://bdu.fstec.ru/vul/2015-04314
FSTEC: BDU:2015-00392
FSTEC: BDU:2015-00392
Id:
BDU:2015-00392
Reference:
http://www.bdu.fstec.ru/vul/2015-00392
CVE: CVE-2014-3466
CVE: CVE-2014-3466
Id:
CVE-2014-3466
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
Comment
: Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
CVSSv2 Score:
6.8
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE:
119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
References:
http://www.gnutls.org/security.html (CONFIRM)
DSA-2944 (DEBIAN)
https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd (CONFIRM)
https://bugzilla.redhat.com/show_bug.cgi?id=1101932 (CONFIRM)
RHSA-2014:0594 (REDHAT)
openSUSE-SU-2014:0767 (SUSE)
58601 (SECUNIA)
59016 (SECUNIA)
58642 (SECUNIA)
http://linux.oracle.com/errata/ELSA-2014-0595.html (CONFIRM)
58340 (SECUNIA)
58598 (SECUNIA)
openSUSE-SU-2014:0763 (SUSE)
59057 (SECUNIA)
59021 (SECUNIA)
http://linux.oracle.com/errata/ELSA-2014-0594.html (CONFIRM)
59086 (SECUNIA)
RHSA-2014:0815 (REDHAT)
http://www-01.ibm.com/support/docview.wss?uid=swg21678776 (CONFIRM)
59838 (SECUNIA)
1030314 (SECTRACK)
http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/ (MISC)
67741 (BID)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155 (CONFIRM)
http://www.novell.com/support/kb/doc.php?id=7015303 (CONFIRM)
http://www.novell.com/support/kb/doc.php?id=7015302 (CONFIRM)
60384 (SECUNIA)
59408 (SECUNIA)
USN-2229-1 (UBUNTU)
RHSA-2014:0684 (REDHAT)
RHSA-2014:0595 (REDHAT)
SUSE-SU-2014:0788 (SUSE)
SUSE-SU-2014:0758 (SUSE)
VENDOR: USN-2229-1
VENDOR: USN-2229-1
Id:
USN-2229-1
Reference:
http://www.ubuntu.com/usn/usn-2229-1/
Content available only for registered users!
ovaldb@altx-soft.com