GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
BID:50609
Info
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 50609 |
| Class: | Design Error |
| CVE: |
CVE-2011-4128 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 09 2011 12:00AM |
| Updated: | Apr 13 2015 10:01PM |
| Credit: | Alban Crequy |
| Vulnerable: |
VMWare ESX 4.1 VMWare ESX 4.0 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.10 powerpc Ubuntu Ubuntu Linux 10.10 i386 Ubuntu Ubuntu Linux 10.10 ARM Ubuntu Ubuntu Linux 10.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Slackware Linux 13.37 x86_64 Slackware Linux 13.37 Slackware Linux 13.1 x86_64 Slackware Linux 13.1 Slackware Linux 13.0 x86_64 Slackware Linux 13.0 Slackware Linux 12.2 Slackware Linux 12.1 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux 5 Server Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 GNU GnuTLS 3.0.6 GNU GnuTLS 2.12.13 Gentoo Linux Avaya Proactive Contact 5.0 Avaya IQ 5.2 Avaya IQ 5.1.1 Avaya IQ 5.1 Avaya IQ 5 Avaya IP Office Application Server 8.0 Avaya IP Office Application Server 7.0 Avaya IP Office Application Server 6.1 Avaya IP Office Application Server 6.0 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M Signaling Server 6.0 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000M 6.0 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E Signaling Server 6.0 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Communication Server 1000E 6.0 Avaya Aura System Platform 6.0.2 Avaya Aura System Platform 6.0.1 Avaya Aura System Platform 6.0 SP3 Avaya Aura System Platform 6.0 SP2 Avaya Aura System Platform 6.0 Avaya Aura System Platform 1.0 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.2.1 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 SP2 Avaya Aura Session Manager 6.1 Sp1 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 SP1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2 SP2 Avaya Aura Session Manager 5.2 SP1 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Session Manager 1.0 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Messaging 6.1 Avaya Aura Messaging 6.0.1 Avaya Aura Messaging 6.0 Avaya Aura Experience Portal 6.0 Avaya Aura Conferencing 6.0 Standard Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Communication Manager 6.0.1 Avaya Aura Communication Manager 6.0 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 |
| Not Vulnerable: |
GNU GnuTLS 3.0.7 GNU GnuTLS 2.12.23 |
Discussion
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
GnuTLS is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successful exploits may allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
GnuTLS is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
Successful exploits may allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Exploit / POC
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more information, please mail us at: [email protected].
Solution / Fix
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references for more information.
Slackware Linux 12.2
Slackware Linux 13.1 x86_64
Mandriva Linux Mandrake 2010.1 x86_64
Slackware Linux 13.1
Slackware Linux 12.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Solution:
Updates are available. Please see the references for more information.
Slackware Linux 12.2
-
Slackware gnutls-2.8.4-i486-2_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/ gnutls-2.8.4-i486-2_slack12.2.tgz
Slackware Linux 13.1 x86_64
-
Slackware gnutls-2.8.6-x86_64-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/package s/gnutls-2.8.6-x86_64-2_slack13.1.txz
Mandriva Linux Mandrake 2010.1 x86_64
-
Mandriva gnutls-2.8.6-1.2mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64gnutls-devel-2.8.6-1.2mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64gnutls26-2.8.6-1.2mdv2010.2.x86_64.rpm
http://www.mandriva.com/en/downloads/
Slackware Linux 13.1
-
Slackware gnutls-2.8.6-i486-2_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ gnutls-2.8.6-i486-2_slack13.1.txz
Slackware Linux 12.1
-
Slackware gnutls-2.8.4-i486-2_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/ gnutls-2.8.4-i486-2_slack12.1.tgz
MandrakeSoft Enterprise Server 5 x86_64
-
Mandriva gnutls-2.4.1-2.7mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64gnutls-devel-2.4.1-2.7mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva lib64gnutls26-2.4.1-2.7mdvmes5.2.x86_64.rpm
http://www.mandriva.com/en/downloads/
MandrakeSoft Enterprise Server 5
-
Mandriva gnutls-2.4.1-2.7mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libgnutls-devel-2.4.1-2.7mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva libgnutls26-2.4.1-2.7mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/
References
GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
References:
References:
- Bug 752308 - gnutls: possible DoS due to buffer overflow (GNUTLS-SA-2011-2) (Red Hat Bugzilla)
- GnuTLS (GNU)
- Possible buffer overflow on gnutls_session_get_data (Alban Crequy)
- ASA-2012-208 gnutls security update (RHSA-2012-0428) (Avaya)
- Avaya security advisory ASA-2012-163 (Avaya )
- VMSA-2012-0013 (VMWare)