Vulnerability Bulletins |
DSA-2944 gnutls26 - security update |
|
System information |
|
| Affected software | Debian |
Description |
|
|
Joonas Kuorilehto discovered that GNU TLS performed insufficientvalidation of session IDs during TLS/SSL handshakes. A malicious servercould use this to execute arbitrary code or perform denial of service. More info: https://www.debian.org/security/2014/dsa-2944 |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2014-3466 and DSA-2944. |
Version history |
||
| Version | Comments | Date |
| 1.0 | Advisory issued | 2014-06-04 |