#VU32707 Buffer overflow in GnuTLS - CVE-2011-4128

Cybersecurity Help s.r.o.

Published: 2011-12-08 | Updated: 2020-07-28

Vulnerability identifier: #VU32707

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-4128

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GnuTLS
Universal components / Libraries / Libraries used by multiple products

Vendor: GnuTLS

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GnuTLS: 2.12.0 - 2.12.13

External links
https://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5596
https://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=190cef6eed37d0e73a73c1e205eb31d45ab60a3c
https://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=e82ef4545e9e98cbcb032f55d7c750b81e3a0450
https://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html
https://openwall.com/lists/oss-security/2011/11/09/2
https://openwall.com/lists/oss-security/2011/11/09/4
https://rhn.redhat.com/errata/RHSA-2012-0429.html
https://rhn.redhat.com/errata/RHSA-2012-0488.html
https://rhn.redhat.com/errata/RHSA-2012-0531.html
https://secunia.com/advisories/48596
https://secunia.com/advisories/48712
https://www.gnu.org/software/gnutls/security.html
https://www.mandriva.com/security/advisories?name=MDVSA-2012:045
https://www.ubuntu.com/usn/USN-1418-1
https://bugzilla.redhat.com/show_bug.cgi?id=752308

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Slackware Linux update for gnutls

Buffer overflow in gnutls (Alpine package)

Amazon Linux AMI update for gnutls

Buffer overflow in GnuTLS