gnutls heartbleed equivalent?
David Tomaschik
david at systemoverlord.com
Tue Jun 3 01:51:33 CEST 2014
It's actually a memory corruption leading to remote code execution, though
it's not clear how reliable the RCE is. (Possibly, if you can heap spray
the client?)
Technical analysis here:
http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/.
Affects clients only.
On Mon, Jun 2, 2014 at 4:32 PM, Doug Barton <dougb at dougbarton.us> wrote:
> I'm noticing this in today's Ubuntu updates:
>
> SECURITY UPDATE: memory corruption due to server hello parsing
> -debian/patches/CVE-2014-3466.patch: validate session_id_len in
> lib/gnutls_handshake.c
>
> I haven't looked at the code, and the CVE referenced is simply reserved,
> not populated yet. But that description sounds like it's at best a very
> close cousin to our friend heartbleed ...
>
> curious,
>
> Doug
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
--
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140602/95e08119/attachment.html>
More information about the Gnupg-users
mailing list