| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 26770 | 2006-05-31 | GnuPG parse-packet.c Large Packet Length DoS | (Description Provided by CVE) : parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. |
| 27664 | 2006-07-21 | GnuPG parse_comment Function Crafted Message Overflow DoS | (Description Provided by CVE) : Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message. |
| 1702 | 2000-12-20 | GnuPG Private Key Silent Import | GnuPG contains a flaw that may allow a malicious user to compromise the web of trust. The issue is triggered when the user retrieves keys from a public keyserver. GnuPG will import private keys as well as public ones, and will not warn the user about the import of private keys. An attacker can upload a private key to the keyserver as well as a public one, with malicious intent. Since private keys are implicitly trusted, it is possible that the flaw may allow a change in the trust relationships of the web of trust, resulting in a loss of integrity. |
| 4905 | 2003-07-19 | GnuPG setgid Root Group File Overwrite | GnuPG contains a flaw that may allow a malicious user to overwrite group root writeable files. The issue is triggered when GnuPG has the setgid bit set. It is possible that the flaw may allow improper overwriting of files, resulting in a loss of integrity and/or availability. |
| 1845 | 2001-05-29 | GnuPG tty_printf() Format String | GnuPG contains a flaw that may allow a malicious user to execute arbitrary code in the context of a user decrypting a given file. The issue is triggered when the attacker sends the victim a GPG message with a crafted filename, exploiting a format string vulnerability in the tty_printf() function. It is possible that the flaw may allow execution of code in the context of the target user, resulting in a loss of integrity. |
| 55973 | 2009-03-03 | GnuPG Unspecified Issue | Unknown / Incomplete |
| 60139 | 2002-12-06 | Gnuplot French Documentation Patch Unspecified Local Overflow | (Description Provided by CVE) : Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. |
| 78882 | 2012-01-02 | gnusound File Name Handling Format String | (Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. |
| 64534 | 2010-05-03 | GNUStep Base gdomap Command-line Error Message Information Disclosure | (Description Provided by CVE) : Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message. |
| 64535 | 2010-05-03 | GNUStep Base gdomap load_iface Function Configuration File Parsing Overflow | (Description Provided by CVE) : Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 might allow context-dependent attackers to execute arbitrary code via a (1) file or (2) socket that provides configuration data with many entries, leading to a heap-based buffer overflow. |
| 9202 | 2001-08-30 | gnut Gnutella Client File Name XSS | (Description Provided by CVE) : Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attackers to execute arbitrary script on other clients by sharing a file whose name contains the script tags. |
| 78228 | 2012-01-06 | GnuTLS DTLS CBC Mode Plaintext Information Disclosure | (Description Provided by CVE) : The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108. |
| 45382 | 2008-05-19 | GnuTLS gnutls-serv libgnutls lib/ext_server_name.c _gnutls_server_name_recv_params Function Session Resumption Data Remote Overflow | (Description Provided by CVE) : The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1. |
| 45383 | 2008-05-19 | GnuTLS gnutls-serv libgnutls lib/gnutls_kx.c _gnutls_recv_client_kx_message Function TLS Message Handling Remote DoS | (Description Provided by CVE) : The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2. |
| 64890 | 2006-08-12 | GnuTLS lib/gnutls_algorithms.c _gnutls_x509_oid2mac_algorithm Function Crafted X.509 Certificate Remote DoS | (Description Provided by CVE) : The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not supported by GnuTLS, which triggers a NULL pointer dereference. |
| 47467 | 2008-06-30 | GnuTLS lib/gnutls_handshake.c _gnutls_handshake_hash_buffers_clear Function Remote DoS | (Description Provided by CVE) : Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle. |
| 76961 | 2011-11-08 | GnuTLS lib/gnutls_session.c gnutls_session_get_data() Function Server Connection Overflow | (Description Provided by CVE) : Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket. |
| 45384 | 2008-05-19 | GnuTLS libgnutls lib/gnutls_cipher.c _gnutls_ciphertext2compressed Function TLS Record Handling Remote DoS | (Description Provided by CVE) : Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3. |
| 54623 | 2009-04-20 | GnuTLS libgnutls lib/gnutls_pk.c DSA Key Storage Remote Spoofing | (Description Provided by CVE) : lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key. |
| 54624 | 2009-04-23 | GnuTLS libgnutls lib/pk-libgcrypt.c Malformed DSA Key Handling Remote DoS | (Description Provided by CVE) : lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free. |
| 49851 | 2008-11-10 | GnuTLS libgnutls lib/x509/verify.c _gnutls_x509_verify_certificate Function X.509 Certificate DN Spoofing | (Description Provided by CVE) : The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). |
| 56960 | 2009-08-10 | GnuTLS libgnutls X.509 Certificate Multiple Fields NULL Character Spoofing SSL MiTM Weakness | (Description Provided by CVE) : libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. |
| 54625 | 2009-04-30 | GnuTLS libgnutls_x509 gnutls-cli lib/x509/verify.c _gnutls_x509_verify_certificate Function X.509 Certificate Spoofing | (Description Provided by CVE) : gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup. |
| 63304 | 2010-03-25 | GnuTLS Library gnutls_x509_crt_get_serial Function Crafted X.509 Certificate CRL Check Bypass Overflow | (Description Provided by CVE) : The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. |
| 23054 | 2006-02-09 | GnuTLS libtasn1 DER Decoding Overflow DoS | (Description Provided by CVE) : Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite. |
| 16054 | 2005-04-28 | GnuTLS Record Packet Parsing Unspecified DoS | GnuTLS contains a flaw that may allow a remote denial of service. The issue is due to an error in the record packet parsing routines, and will result in loss of availability for the platform. No further details have been provided. |
| 28778 | 2006-09-08 | GnuTLS RSA Key PKCS #1 v1.5 Signature Forgery | (Description Provided by CVE) : verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339. |
| 59972 | 2009-11-06 | GnuTLS TLS Renegotiation Handshakes MiTM Plaintext Data Injection | (Description Provided by CVE) : The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. |
| 8278 | 2004-08-02 | GnuTLS X.509 Certificate Signature Verification DoS | GnuTLS contains a flaw that may allow a remote denial of service. The issue is due to the product not limiting the length of a certificate chain or the size of the RSA or DSA keys used to sign a X.509 certificate. An attacker can craft a certificate using very large keys causing the product to consume excessive CPU resources when trying to validate the certificate chain resulting in a denial of service condition, and will result in loss of availability for the platform. |
| 38139 | 2007-05-25 | GNUTurk Portal mods.php month Parameter XSS | (Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter. |