|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2006-0207: gnutls Vulnerability Assessment Details
|
RHSA-2006-0207: gnutls |
||
Check for the version of the gnutls packages Detailed Explanation for this Vulnerability Assessment Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GNU TLS Library provides support for cryptographic algorithms and protocols such as TLS. GNU TLS includes Libtasn1, a library developed for ASN.1 structures management that includes DER encoding and decoding. Several flaws were found in the way libtasn1 decodes DER. A possible hacker could create a carefully crafted invalid X.509 certificate in such a way that could trigger this flaw if parsed by an application that uses GNU TLS. This could lead to a denial of service (application crash). It is not certain if this issue could be escalated to permit arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0645 to this issue. In Red Hat Enterprise Linux 4, the GNU TLS library is only used by the Evolution client when connecting to an Exchange server or when publishing calendar information to a WebDAV server. Users are advised to upgrade to these updated packages, which contain a backported patch from the GNU TLS maintainers to correct this issue. Solution : http://rhn.redhat.com/errata/RHSA-2006-0207.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
Cables, Connectors |
IBM Power8 S822L Storage Server 8247-22L - With Ram, Some Cards, No HDD's
$399.95
IBM SYSTEM X3500 M3 SERVER 7380AC1 2*XEON E5620 2.4GHz 8GB SEE NOTES
$33.21
IBM x3650 M4 2x Xeon E5-2670 2.6ghz 16-Core / 64GB / M5110e / 2x PSU
$129.99
IBM X3650 M5 5462-AC1,2 X E5-2640V3 2.6GHZ 8C, 16 GB, DUAL 750W, 2 X 1TB SERVER
$249.99
IBM 8284-22A S822 Dual Power8 Cpu 512Gb (16x 32Gb) RAM
$795.00
IBM Power S822 12-Bay Server System Power8 Core 3.42Ghz DVD-Rom Drive 64GB No HD
$399.99
IBM Lenovo X3650 M5 2U 8x 2.5” CTO Rack Server – 2x HS, 2x 750W
$199.00
IBM Power S822 8284-22A 12SFF Power8 3.89GHz 6-Core 64GB RAM No Bezel/HDD Server
$359.99
IBM 8203 E4A p520 Server 8203-E4A 4.2GHz 2-Core POWER6 32GB RAM / NO HDD USED
$119.99
IBM System X 3250 M5 Single Xeon Quad Core E3-1220 v3 @3.1GHz,8GB RAM,Linux SUSE
$199.87
|
||
No Discussions have been posted on this vulnerability. |