SB2017040702 - Amazon Linux AMI update for gnutls 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017040702

SB2017040702 - Amazon Linux AMI update for gnutls

Published: April 7, 2017

Security Bulletin ID SB2017040702
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2017-5335)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient error checking in the stream-reading functions. A remote attacker can send a specially crafted OpenPGP certificate, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Stack-based buffer overflow (CVE-ID: CVE-2017-5336)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the cdk_pk_get_keyid function. A remote attacker can send a specially crafted OpenPGP certificate, trigger stack-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Heap-based buffer overflow (CVE-ID: CVE-2017-5337)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the read_attribute function. A remote attacker can send a specially crafted OpenPGP certificate, trigger heap-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Denial of service (CVE-ID: CVE-2016-8610)

The vulnerability allows a remote unauthenticated user to exhaust memory on the target system.
The weakness is due to improper handling of certain packets by the ssl3_read_bytes() function in 'ssl/s3_pkt.c.
By sending a flood of SSL3_AL_WARNING alerts during the SSL handshake, a remote attacker can consume excessive CPU resources that may lead to OpenSSL library being unavailable.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.

Remediation

Install update from vendor's website.

References