Test Kennung:	1.3.6.1.4.1.25623.1.0.881742
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for gnutls CESA-2013:0883 centos6
Zusammenfassung:	The remote host is missing an update for the 'gnutls'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the referenced advisory. Vulnerability Insight: The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that the fix for the CVE-2013-1619 issue released via RHSA-2013:0588 introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS. (CVE-2013-2116) Users of GnuTLS are advised to upgrade to these updated packages, which correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted. Affected Software/OS: gnutls on CentOS 6 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2116 Debian Security Information: DSA-2697 (Google Search) http://www.debian.org/security/2013/dsa-2697 http://www.mandriva.com/security/advisories?name=MDVSA-2013:171 http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6753 RedHat Security Advisories: RHSA-2013:0883 http://rhn.redhat.com/errata/RHSA-2013-0883.html http://www.securitytracker.com/id/1028603 http://secunia.com/advisories/53911 http://secunia.com/advisories/57260 http://secunia.com/advisories/57274 SuSE Security Announcement: SUSE-SU-2013:1060 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00019.html SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html SuSE Security Announcement: SUSE-SU-2014:0322 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html http://www.ubuntu.com/usn/USN-1843-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1619 http://www.isg.rhul.ac.uk/tls/TLStiming.pdf http://openwall.com/lists/oss-security/2013/02/05/24 RedHat Security Advisories: RHSA-2013:0588 http://rhn.redhat.com/errata/RHSA-2013-0588.html SuSE Security Announcement: openSUSE-SU-2013:0807 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-05/msg00023.html SuSE Security Announcement: openSUSE-SU-2014:0346 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00009.html http://www.ubuntu.com/usn/USN-1752-1
Copyright	Copyright (c) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.