[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2015-1457 -- Oracle gnutls

ID: oval:org.secpod.oval:def:1501091Date: (C)2015-08-03   (M)2023-07-28
Class: PATCHFamily: unix




Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0282 GnuTLS does not verify the RSA PKCS #1 signature algorithm to match the signature algorithm in the certificate, leading to a potential downgrade to a disallowed algorithm without detecting it. CVE-2015-0294 It was reported that GnuTLS does not check whether the two signature algorithms match on certificate import.

Platform:
Oracle Linux 6
Product:
gnutls
Reference:
ELSA-2015-1457
CVE-2015-0282
CVE-2015-0294
CVE-2014-8155
CVE    3
CVE-2014-8155
CVE-2015-0282
CVE-2015-0294
CPE    3
cpe:/a:gnu:gnutls:3.0.9
cpe:/o:oracle:linux:6
cpe:/a:gnu:gnutls

© SecPod Technologies