Back to search
CVE-2013-2116
Published: Jul 3, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
57260
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2013:1060
vendor-advisory
x_refsource_SUSE
57274
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2014:0320
vendor-advisory
x_refsource_SUSE
SUSE-SU-2014:0322
vendor-advisory
x_refsource_SUSE
MDVSA-2013:171
vendor-advisory
x_refsource_MANDRIVA
RHSA-2013:0883
vendor-advisory
x_refsource_REDHAT
DSA-2697
vendor-advisory
x_refsource_DEBIAN
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6754
x_refsource_CONFIRM
http://www.gnutls.org/security.html#GNUTLS-SA-2013-2
x_refsource_CONFIRM
53911
third-party-advisory
x_refsource_SECUNIA
USN-1843-1
vendor-advisory
x_refsource_UBUNTU
1028603
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now