Upstream information

CVE-2005-1431 at MITRE

Description

The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 83481 [RESOLVED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 9.1 for IA32
  • gnutls >= 1.0.8-26.4
  • gnutls-devel >= 1.0.8-26.4
SUSE LINUX 9.2
  • gnutls >= 1.0.13-5.2
  • gnutls-32bit >= 9.2-200507182017
  • gnutls-devel >= 1.0.13-5.2
  • gnutls-devel-32bit >= 9.2-200507182017
SUSE LINUX 9.3
  • gnutls >= 1.2.0-3.2
  • gnutls-32bit >= 9.3-7.1
  • gnutls-devel >= 1.2.0-3.2
  • gnutls-devel-32bit >= 9.3-7.1
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • libredcarpet >= 2.4.8-0.4
  • libredcarpet-python >= 2.4.8-0.4
  • libredcarpet-tools >= 2.4.8-0.4
  • libsoup >= 2.2.3-0.11
  • libsoup-devel >= 2.2.3-0.11
  • rcd >= 2.4.8-0.8
  • rcd-devel >= 2.4.8-0.8
  • rcd-modules >= 2.4.8-0.2
  • rcd-modules-devel >= 2.4.8-0.2
  • red-carpet >= 2.4.4-1.9
  • rug >= 2.4.8-0.2
suse91.s390
suse91.x86-64
suse91.ia64
suse91.ppc
sles9-oes.x86
YOU Patch Nr: 10431
Novell Linux Desktop 9 for x86_64
  • libredcarpet >= 2.4.8-0.4
  • libredcarpet-python >= 2.4.8-0.4
  • libredcarpet-tools >= 2.4.8-0.4
  • libsoup >= 2.2.3-0.11
  • libsoup-32bit >= 9-200508251319
  • libsoup-devel >= 2.2.3-0.11
  • libsoup-devel-32bit >= 9-200508251319
  • rcd >= 2.4.8-0.8
  • rcd-devel >= 2.4.8-0.8
  • rcd-modules >= 2.4.8-0.2
  • rcd-modules-devel >= 2.4.8-0.2
  • red-carpet >= 2.4.4-1.9
  • rug >= 2.4.8-0.2
suse91.s390
suse91.x86-64
suse91.ia64
suse91.ppc
sles9-oes.x86
YOU Patch Nr: 10431
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • gnutls >= 1.0.8-26.4
  • gnutls-devel >= 1.0.8-26.4
suse91.ppc
suse91.s390
suse91.ia64
suse91.x86
YOU Patch Nr: 10317