SB2017011009 - Denial of service in GnuTLS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017011009

SB2017011009 - Denial of service in GnuTLS

Published: January 10, 2017 Updated: August 2, 2017

Security Bulletin ID SB2017011009
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Double free (CVE-ID: CVE-2017-5334)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input by the gnutls_x509_ext_import_proxy function. A remote attacker can send a specially crafted X.509 certificate with Proxy Certificate Information extension present, trigger double free error and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Memory corruption (CVE-ID: CVE-2017-5335)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient error checking in the stream-reading functions. A remote attacker can send a specially crafted OpenPGP certificate, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Stack-based buffer overflow (CVE-ID: CVE-2017-5336)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the cdk_pk_get_keyid function. A remote attacker can send a specially crafted OpenPGP certificate, trigger stack-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Heap-based buffer overflow (CVE-ID: CVE-2017-5337)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the read_attribute function. A remote attacker can send a specially crafted OpenPGP certificate, trigger heap-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References