Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x prior to 2.12.14 and 3.x prior to 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gnutls 2.12.2 |
||
gnu gnutls 2.12.7 |
||
gnu gnutls 2.12.5 |
||
gnu gnutls 2.12.8 |
||
gnu gnutls 2.12.6.1 |
||
gnu gnutls 2.12.0 |
||
gnu gnutls 2.12.10 |
||
gnu gnutls 2.12.6 |
||
gnu gnutls 2.12.9 |
||
gnu gnutls 2.12.13 |
||
gnu gnutls 2.12.12 |
||
gnu gnutls 2.12.3 |
||
gnu gnutls 2.12.4 |
||
gnu gnutls 2.12.11 |
||
gnu gnutls 2.12.1 |
||
gnu gnutls 3.0.3 |
||
gnu gnutls 3.0.6 |
||
gnu gnutls 3.0.0 |
||
gnu gnutls 3.0.2 |
||
gnu gnutls 3.0.5 |
||
gnu gnutls 3.0.1 |
||
gnu gnutls 3.0.4 |