ID CVE-2014-3469
Summary The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 5
    cpe:2.3:o:redhat:enterprise_linux:5
  • Red Hat Enterprise Linux 6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • GNU GnuTLS
    cpe:2.3:a:gnu:gnutls
  • GNU Libtasn1 3.0
    cpe:2.3:a:gnu:libtasn1:3.0
  • GNU Libtasn1 3.1
    cpe:2.3:a:gnu:libtasn1:3.1
  • GNU Libtasn1 3.2
    cpe:2.3:a:gnu:libtasn1:3.2
  • GNU Libtasn1 3.3
    cpe:2.3:a:gnu:libtasn1:3.3
  • GNU Libtasn1 3.4
    cpe:2.3:a:gnu:libtasn1:3.4
  • GNU Libtasn1 3.5
    cpe:2.3:a:gnu:libtasn1:3.5
CVSS
Base: 4.3 (as of 06-06-2014 - 13:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2014-156-01.NASL
    description New gnutls packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2014-06-06
    plugin id 74329
    published 2014-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74329
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : gnutls (SSA:2014-156-01)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_LIBTASN1_20140715.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. (CVE-2014-3468) - The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. (CVE-2014-3469)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80678
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80678
    title Oracle Solaris Third-Party Patch Update : libtasn1 (multiple_vulnerabilities_in_gnu_libtasn1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_GNUTLS-140603.NASL
    description GnuTLS has been patched to ensure proper parsing of session ids during the TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have been fixed. Further information is available at http://www.gnutls.org/security.html#GNUTLS-SA-2014-3 These security issues have been fixed : - Possible memory corruption during connect. (CVE-2014-3466) - Multiple boundary check issues could allow DoS. (CVE-2014-3467) - asn1_get_bit_der() can return negative bit length. (CVE-2014-3468) - Possible DoS by NULL pointer dereference (CVE-2014-3469)
    last seen 2019-02-21
    modified 2014-06-05
    plugin id 74321
    published 2014-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74321
    title SuSE 11.3 Security Update : gnutls (SAT Patch Number 9320)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0815.NASL
    description An updated rhev-hypervisor6 package that fixes several security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting CVE-2014-3466, CVE-2014-3468, CVE-2014-3467, and CVE-2014-3469. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466. This updated package provides an updated kernel component that includes fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers : CVE-2013-6378, CVE-2014-0203, CVE-2014-1737, CVE-2014-1738, CVE-2014-1874, CVE-2014-2039 and CVE-2014-3153 (kernel issues) Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79108
    published 2014-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79108
    title RHEL 6 : rhev-hypervisor6 (RHSA-2014:0815)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_GNUTLS_20141120.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. (CVE-2014-3465) - Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. (CVE-2014-3466) - Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnutTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 data. (CVE-2014-3467) - The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data. (CVE-2014-3468) - The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. (CVE-2014-3469)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80632
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80632
    title Oracle Solaris Third-Party Patch Update : gnutls (multiple_vulnerabilities_in_gnutls)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140603_LIBTASN1_ON_SL6_X.NASL
    description It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 74307
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74307
    title Scientific Linux Security Update : libtasn1 on SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0687.NASL
    description Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. All libtasn1 users are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 76896
    published 2014-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76896
    title RHEL 7 : libtasn1 (RHSA-2014:0687)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2294-1.NASL
    description It was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. (CVE-2014-3467) It was discovered that Libtasn1 incorrectly handled negative bit lengths. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-3468) It was discovered that Libtasn1 incorrectly handled certain ASN.1 data. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. (CVE-2014-3469). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 76704
    published 2014-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76704
    title Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : libtasn1-3, libtasn1-6 vulnerabilities (USN-2294-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0596.NASL
    description Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. All libtasn1 users are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74311
    published 2014-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74311
    title CentOS 6 : libtasn1 (CESA-2014:0596)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBTASN1-140717.NASL
    description libtasn1 has been updated to fix three security issues : - asn1_get_bit_der() could have returned negative bit length. (CVE-2014-3468) - Multiple boundary check issues could have allowed DoS. (CVE-2014-3467) - Possible DoS by NULL pointer dereference in asn1_read_value_type (CVE-2014-3469)
    last seen 2019-02-21
    modified 2014-07-24
    plugin id 76755
    published 2014-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76755
    title SuSE 11.3 Security Update : libtasn1 (SAT Patch Number 9528)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-116.NASL
    description Updated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash (CVE-2014-3467). It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte (CVE-2014-3468). A NULL pointer dereference flaw was found in libtasn1's asn1_read_value_type() / asn1_read_value() function. If an application called the function with a NULL value for an ivalue argument to determine the amount of memory needed to store data to be read from the ASN.1 input, libtasn1 could incorrectly attempt to dereference the NULL pointer, causing an application using the library to crash (CVE-2014-3469).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82369
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82369
    title Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:116)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0596.NASL
    description From Red Hat Security Advisory 2014:0596 : Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. All libtasn1 users are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 74298
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74298
    title Oracle Linux 6 : libtasn1 (ELSA-2014-0596)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-09.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-09 (GNU Libtasn1: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GNU Libtasn1. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77453
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77453
    title GLSA-201408-09 : GNU Libtasn1: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0594.NASL
    description Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74301
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74301
    title RHEL 5 : gnutls (RHSA-2014:0594)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0594.NASL
    description Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74309
    published 2014-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74309
    title CentOS 5 : gnutls (CESA-2014:0594)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0594.NASL
    description From Red Hat Security Advisory 2014:0594 : Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original reporter of CVE-2014-3466. Users of GnuTLS are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 74296
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74296
    title Oracle Linux 5 : gnutls (ELSA-2014-0594)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140603_GNUTLS_ON_SL5_X.NASL
    description A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 74305
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74305
    title Scientific Linux Security Update : gnutls on SL5.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2014-156-02.NASL
    description New libtasn1 packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
    last seen 2018-09-01
    modified 2014-06-07
    plugin id 74330
    published 2014-06-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74330
    title Slackware 14.0 / 14.1 / current : libtasn1 (SSA:2014-156-02)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0596.NASL
    description Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. All libtasn1 users are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 74303
    published 2014-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74303
    title RHEL 6 : libtasn1 (RHSA-2014:0596)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-77.NASL
    description Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial of service via out-of-bounds access or NULL pointer dereference. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 82222
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82222
    title Debian DLA-77-1 : libtasn1-3 security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-6919.NASL
    description new upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 74407
    published 2014-06-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74407
    title Fedora 19 : libtasn1-3.6-1.fc19 (2014-6919)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3056.NASL
    description Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 78681
    published 2014-10-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78681
    title Debian DSA-3056-1 : libtasn1-3 - security update
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-107.NASL
    description Updated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash (CVE-2014-3467). It was discovered that libtasn1 library function asn1_get_bit_der() could incorrectly report negative bit length of the value read from ASN.1 input. This could possibly lead to an out of bounds access in an application using libtasn1, for example in case if application tried to terminate read value with NUL byte (CVE-2014-3468). A NULL pointer dereference flaw was found in libtasn1's asn1_read_value_type() / asn1_read_value() function. If an application called the function with a NULL value for an ivalue argument to determine the amount of memory needed to store data to be read from the ASN.1 input, libtasn1 could incorrectly attempt to dereference the NULL pointer, causing an application using the library to crash (CVE-2014-3469). The packages for mes5 have been patched to correct these issues and the packages for mbs1 have been upgraded to the 3.6 version where these issues has been fixed.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 74416
    published 2014-06-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74416
    title Mandriva Linux Security Advisory : libtasn1 (MDVSA-2014:107)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0687.NASL
    description From Red Hat Security Advisory 2014:0687 : Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libtasn1 library provides Abstract Syntax Notation One (ASN.1) parsing and structures management, and Distinguished Encoding Rules (DER) encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) Red Hat would like to thank GnuTLS upstream for reporting these issues. All libtasn1 users are advised to upgrade to these updated packages, which correct these issues. For the update to take effect, all applications linked to the libtasn1 library must be restarted.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 76734
    published 2014-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76734
    title Oracle Linux 7 : libtasn1 (ELSA-2014-0687)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-359.NASL
    description It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 78302
    published 2014-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78302
    title Amazon Linux AMI : libtasn1 (ALAS-2014-359)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-6895.NASL
    description new upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 74317
    published 2014-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74317
    title Fedora 20 : libtasn1-3.6-1.fc20 (2014-6895)
redhat via4
advisories
  • bugzilla
    id 1102329
    title CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment gnutls is earlier than 0:1.4.1-16.el5_10
          oval oval:com.redhat.rhsa:tst:20140594002
        • comment gnutls is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20120319003
      • AND
        • comment gnutls-devel is earlier than 0:1.4.1-16.el5_10
          oval oval:com.redhat.rhsa:tst:20140594006
        • comment gnutls-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20120319005
      • AND
        • comment gnutls-utils is earlier than 0:1.4.1-16.el5_10
          oval oval:com.redhat.rhsa:tst:20140594004
        • comment gnutls-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20120319007
    rhsa
    id RHSA-2014:0594
    released 2014-06-03
    severity Important
    title RHSA-2014:0594: gnutls security update (Important)
  • bugzilla
    id 1102329
    title CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment libtasn1 is earlier than 0:2.3-6.el6_5
          oval oval:com.redhat.rhsa:tst:20140596005
        • comment libtasn1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427006
      • AND
        • comment libtasn1-devel is earlier than 0:2.3-6.el6_5
          oval oval:com.redhat.rhsa:tst:20140596007
        • comment libtasn1-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427010
      • AND
        • comment libtasn1-tools is earlier than 0:2.3-6.el6_5
          oval oval:com.redhat.rhsa:tst:20140596009
        • comment libtasn1-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427008
    rhsa
    id RHSA-2014:0596
    released 2014-06-03
    severity Moderate
    title RHSA-2014:0596: libtasn1 security update (Moderate)
  • bugzilla
    id 1102329
    title CVE-2014-3469 libtasn1: asn1_read_value_type() NULL pointer dereference
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment libtasn1 is earlier than 0:3.3-5.el7_0
          oval oval:com.redhat.rhsa:tst:20140687005
        • comment libtasn1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427006
      • AND
        • comment libtasn1-devel is earlier than 0:3.3-5.el7_0
          oval oval:com.redhat.rhsa:tst:20140687009
        • comment libtasn1-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427010
      • AND
        • comment libtasn1-tools is earlier than 0:3.3-5.el7_0
          oval oval:com.redhat.rhsa:tst:20140687007
        • comment libtasn1-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120427008
    rhsa
    id RHSA-2014:0687
    released 2014-06-10
    severity Moderate
    title RHSA-2014:0687: libtasn1 security update (Moderate)
  • rhsa
    id RHSA-2014:0815
rpms
  • gnutls-0:1.4.1-16.el5_10
  • gnutls-devel-0:1.4.1-16.el5_10
  • gnutls-utils-0:1.4.1-16.el5_10
  • libtasn1-0:2.3-6.el6_5
  • libtasn1-devel-0:2.3-6.el6_5
  • libtasn1-tools-0:2.3-6.el6_5
  • libtasn1-0:3.3-5.el7_0
  • libtasn1-devel-0:3.3-5.el7_0
  • libtasn1-tools-0:3.3-5.el7_0
refmap via4
confirm
debian DSA-3056
mandriva MDVSA-2015:116
mlist [help-libtasn1] 20140525 GNU Libtasn1 3.6 released
secunia
  • 58591
  • 58614
  • 59021
  • 59057
  • 59408
  • 60320
  • 60415
  • 61888
suse
  • SUSE-SU-2014:0758
  • SUSE-SU-2014:0788
Last major update 06-01-2017 - 21:59
Published 05-06-2014 - 16:55
Last modified 22-04-2019 - 13:48
Back to Top