Security restrictions bypass in GnuTLS

Published: 2016-09-02 12:17:01 | Updated: 2017-08-02 19:34:11
Severity Low
Patch available YES
Number of vulnerabilities 1
CVSSv2 5.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
CVSSv3 6.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE ID CVE-2016-7444
CWE ID CWE-20
Exploitation vector Network
Public exploit Not available
Vulnerable software GnuTLS
Vulnerable software versions GnuTLS 3.3.24
GnuTLS 3.4.11
GnuTLS 3.4.10
Vendor URL GNU
Advisory type Public

Security Advisory

1) Security restrictions bypass

Description

The vulnerability allows a remote unauthenticated attacker to bypass certificate validation (the OCSP revocation check) on the target system.

The weakness exists due to insufficient validation of the serial number length when the gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c matches an OCSP response against a certificate: the serial number carried in the response is compared with the certificate's serial number without first checking that the two have the same length, so a serial that differs only in length (for example one that is a prefix of the other, or one whose extra bytes happen to equal the uninitialised bytes trailing the shorter serial in memory) is treated as equal. A remote attacker who can supply a valid OCSP response issued for a different certificate whose serial number matches on the compared bytes can have that response accepted for the certificate under validation, and so conduct further attacks such as using a revoked certificate.
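The faulty comparison, reconstructed as an added example for this page. This is illustrative code, not GnuTLS's lib/x509/ocsp.c: the serial_t holder, the toy der_read_serial parser (short-form DER INTEGER only), the check_response_for_cert wrapper and the sample DER serial numbers are all constructed for the example. It places the length-unchecked comparison beside the hardened one and runs both over a genuine match, a response serial that is a prefix of the certificate's, and a response serial that is longer than the certificate's.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* X.509 / OCSP serial numbers are DER INTEGERs of at most 20 octets (RFC 5280 4.1.2.2). */
#define MAX_SERIAL 20

/* Hypothetical holder for a decoded serial; not a GnuTLS type. Bytes past `size`
 * are zeroed by the parser so the example is deterministic; in a real decoder
 * that hands out heap buffers they would be whatever the allocator left behind. */
typedef struct {
    uint8_t data[MAX_SERIAL];
    size_t size;
} serial_t;

/* Minimal DER INTEGER reader: tag 0x02, short-form length only (< 128 bytes).
 * Returns 0 on success, -1 on malformed input. Toy parser written for this
 * example, not GnuTLS's ASN.1 code. */
static int der_read_serial(const uint8_t *buf, size_t len, serial_t *out)
{
    memset(out, 0, sizeof *out);
    if (len < 2 || buf[0] != 0x02 || buf[1] >= 0x80)
        return -1;
    size_t n = buf[1];
    if (n == 0 || n > MAX_SERIAL || len < 2 + n)
        return -1;
    memcpy(out->data, buf + 2, n);
    out->size = n;
    return 0;
}

/* Vulnerable pattern: compares bytes for the length of the response's serial only.
 * A response serial that is a prefix of the certificate serial matches, and a
 * longer response serial matches as long as its extra bytes equal whatever
 * trails the certificate serial in memory (zeros here). */
static int serial_matches_vulnerable(const serial_t *resp, const serial_t *cert)
{
    return memcmp(resp->data, cert->data, resp->size) == 0;
}

/* Hardened pattern: the serials must be the same length and byte-for-byte equal. */
static int serial_matches_fixed(const serial_t *resp, const serial_t *cert)
{
    return resp->size == cert->size &&
           memcmp(resp->data, cert->data, resp->size) == 0;
}

/* Decode both DER serials and compare them with the chosen policy.
 * Returns 1 if the response is accepted for the certificate, 0 if rejected,
 * -1 if either serial fails to parse. */
int check_response_for_cert(const uint8_t *resp_der, size_t resp_len,
                            const uint8_t *cert_der, size_t cert_len, int hardened)
{
    serial_t resp, cert;
    if (der_read_serial(resp_der, resp_len, &resp) < 0 ||
        der_read_serial(cert_der, cert_len, &cert) < 0)
        return -1;
    return hardened ? serial_matches_fixed(&resp, &cert)
                    : serial_matches_vulnerable(&resp, &cert);
}

/* Constructed sample data; not taken from any real certificate or responder. */
const uint8_t CERT_SERIAL_DER[] = { 0x02, 0x03, 0x01, 0x02, 0x03 };       /* serial 0x010203 */
const uint8_t RESP_EXACT_DER[]  = { 0x02, 0x03, 0x01, 0x02, 0x03 };       /* the genuine match */
const uint8_t RESP_PREFIX_DER[] = { 0x02, 0x02, 0x01, 0x02 };             /* serial 0x0102, a different certificate */
const uint8_t RESP_LONGER_DER[] = { 0x02, 0x04, 0x01, 0x02, 0x03, 0x00 }; /* serial 0x01020300, also different */

int main(void)
{
    const struct { const char *name; const uint8_t *der; size_t len; } cases[] = {
        { "exact",  RESP_EXACT_DER,  sizeof RESP_EXACT_DER },
        { "prefix", RESP_PREFIX_DER, sizeof RESP_PREFIX_DER },
        { "longer", RESP_LONGER_DER, sizeof RESP_LONGER_DER },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int vuln  = check_response_for_cert(cases[i].der, cases[i].len,
                                            CERT_SERIAL_DER, sizeof CERT_SERIAL_DER, 0);
        int fixed = check_response_for_cert(cases[i].der, cases[i].len,
                                            CERT_SERIAL_DER, sizeof CERT_SERIAL_DER, 1);
        printf("%-6s response: vulnerable=%d hardened=%d\n", cases[i].name, vuln, fixed);
    }
    return 0;
}
```

Only the exact serial should be accepted; the vulnerable comparison also accepts the prefix and the longer serial, which is the class of mismatch the advisory describes. The general rule for any variable-length identifier comparison (serials, key IDs, subject hashes) is the hardened form: compare lengths first, then bytes, and never let the length of one side alone bound the memcmp.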

Remediation

Update to version 3.4.15 or 3.5.4, or later.

External links

https://www.gnutls.org/security.html
