QwikSec

Security Database

CVE

CWE

Training

CVE-2014-3465

Published: Jun 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[gnutls-help] 20140131 gnutls 3.2.10

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1101734

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2014:0763

vendor-advisory

x_refsource_SUSE

https://www.gitorious.org/gnutls/gnutls/commit/d3648ebb04b650e6d20a2ec1fb839256b30b9fc6

x_refsource_CONFIRM

openSUSE-SU-2014:0767

vendor-advisory

x_refsource_SUSE

[gnutls-help] 20140131 gnutls 3.1.20

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.