GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
BID:106080
CVE-2018-16868 |Info
GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
| Bugtraq ID: | 106080 |
| Class: | Design Error |
| CVE: |
CVE-2018-16868 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 30 2018 12:00AM |
| Updated: | Nov 30 2018 12:00AM |
| Credit: | Sam Fowler |
| Vulnerable: |
Redhat Enterprise Linux 7 Redhat Enterprise Linux 6 Redhat Enterprise Linux 5 GNU GnuTLS - 0 |
| Not Vulnerable: | |
Discussion
GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
GNU GnuTLS is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.
GNU GnuTLS is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.
Exploit / POC
GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
GNU GnuTLS CVE-2018-16868 Information Disclosure Vulnerability
References:
References:
- CVE-2018-16868 gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 v (RedHat)
- GNU GnuTLS Home Page (GNU GnuTLS Home Page)
- GnuTLS Github (GnuTLS)
- The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations (The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations)