Test Kennung:	1.3.6.1.4.1.25623.1.0.881742
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for gnutls CESA-2013:0883 centos6
Zusammenfassung:	The remote host is missing an update for the 'gnutls'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the referenced advisory. Vulnerability Insight: The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that the fix for the CVE-2013-1619 issue released via RHSA-2013:0588 introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS. (CVE-2013-2116) Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. Affected Software/OS: gnutls on CentOS 6 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2116 1028603 http://www.securitytracker.com/id/1028603 53911 http://secunia.com/advisories/53911 57260 http://secunia.com/advisories/57260 57274 http://secunia.com/advisories/57274 DSA-2697 http://www.debian.org/security/2013/dsa-2697 MDVSA-2013:171 http://www.mandriva.com/security/advisories?name=MDVSA-2013:171 RHSA-2013:0883 http://rhn.redhat.com/errata/RHSA-2013-0883.html SUSE-SU-2013:1060 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00019.html SUSE-SU-2014:0320 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html SUSE-SU-2014:0322 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html USN-1843-1 http://www.ubuntu.com/usn/USN-1843-1 http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6753 http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6754 http://www.gnutls.org/security.html#GNUTLS-SA-2013-2 https://gitorious.org/gnutls/gnutls/commit/5164d5a1d57cd0372a5dd074382ca960ca18b27d Common Vulnerability Exposure (CVE) ID: CVE-2013-1619 http://www.isg.rhul.ac.uk/tls/TLStiming.pdf http://openwall.com/lists/oss-security/2013/02/05/24 RedHat Security Advisories: RHSA-2013:0588 http://rhn.redhat.com/errata/RHSA-2013-0588.html SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search) SuSE Security Announcement: SUSE-SU-2014:0322 (Google Search) SuSE Security Announcement: openSUSE-SU-2013:0807 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-05/msg00023.html SuSE Security Announcement: openSUSE-SU-2014:0346 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00009.html http://www.ubuntu.com/usn/USN-1752-1
Copyright	Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.