Vulnerability-Lookup

CVE-2006-0645 (GCVE-0-2006-0645)

Vulnerability from cvelistv5 – Published: 2006-02-10 18:00 – Updated: 2024-08-07 16:41

Summary

Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.trustix.org/errata/2006/0008	vendor-advisoryx_refsource_TRUSTIX
	http://secunia.com/advisories/18815	third-party-advisoryx_refsource_SECUNIA
	http://securityreason.com/securityalert/446	third-party-advisoryx_refsource_SREASON
	http://www.redhat.com/archives/fedora-announce-li…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/19092	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1015612	vdb-entryx_refsource_SECTRACK
	http://www.osvdb.org/23054	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/18794	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18918	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/18830	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://lists.gnupg.org/pipermail/gnutls-dev/2006-…	mailing-listx_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2006-0207.html	vendor-advisoryx_refsource_REDHAT
	http://lists.gnupg.org/pipermail/gnutls-dev/2006-…	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2006/dsa-986	vendor-advisoryx_refsource_DEBIAN
	http://www.debian.org/security/2006/dsa-985	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2006/0496	vdb-entryx_refsource_VUPEN
	http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1…	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-20060…	vendor-advisoryx_refsource_GENTOO
	http://www.gleg.net/protover_ssl.shtml	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://lists.gnupg.org/pipermail/gnutls-dev/2006-…	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/16568	vdb-entryx_refsource_BID
	http://secunia.com/advisories/18832	third-party-advisoryx_refsource_SECUNIA
	http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/t…	x_refsource_MISC
	https://usn.ubuntu.com/251-1/	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/19080	third-party-advisoryx_refsource_SECUNIA
	http://josefsson.org/gnutls/releases/libtasn1/lib…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/424538/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/18898	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:41:29.006Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2006-0008",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0008"
          },
          {
            "name": "18815",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18815"
          },
          {
            "name": "446",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/446"
          },
          {
            "name": "FEDORA-2006-107",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
          },
          {
            "name": "19092",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19092"
          },
          {
            "name": "1015612",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015612"
          },
          {
            "name": "23054",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23054"
          },
          {
            "name": "18794",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18794"
          },
          {
            "name": "18918",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18918"
          },
          {
            "name": "MDKSA-2006:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
          },
          {
            "name": "18830",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18830"
          },
          {
            "name": "oval:org.mitre.oval:def:10540",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
          },
          {
            "name": "[gnutls-dev] 20060209 GnuTLS 1.2.10 - Security release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
          },
          {
            "name": "RHSA-2006:0207",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
          },
          {
            "name": "[gnutls-dev] 20060209 Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
          },
          {
            "name": "DSA-986",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-986"
          },
          {
            "name": "DSA-985",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-985"
          },
          {
            "name": "ADV-2006-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0496"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
          },
          {
            "name": "GLSA-200602-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.gleg.net/protover_ssl.shtml"
          },
          {
            "name": "gnutls-libtasn1-der-dos(24606)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
          },
          {
            "name": "[gnutls-dev] 20060209 GnuTLS 1.3.4 - Experimental - Security release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
          },
          {
            "name": "16568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16568"
          },
          {
            "name": "18832",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18832"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
          },
          {
            "name": "USN-251-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/251-1/"
          },
          {
            "name": "19080",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19080"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
          },
          {
            "name": "20060209 ProtoVer SSL: GnuTLS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
          },
          {
            "name": "18898",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18898"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "2006-0008",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0008"
        },
        {
          "name": "18815",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18815"
        },
        {
          "name": "446",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/446"
        },
        {
          "name": "FEDORA-2006-107",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
        },
        {
          "name": "19092",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19092"
        },
        {
          "name": "1015612",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015612"
        },
        {
          "name": "23054",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23054"
        },
        {
          "name": "18794",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18794"
        },
        {
          "name": "18918",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18918"
        },
        {
          "name": "MDKSA-2006:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
        },
        {
          "name": "18830",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18830"
        },
        {
          "name": "oval:org.mitre.oval:def:10540",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
        },
        {
          "name": "[gnutls-dev] 20060209 GnuTLS 1.2.10 - Security release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
        },
        {
          "name": "RHSA-2006:0207",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
        },
        {
          "name": "[gnutls-dev] 20060209 Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
        },
        {
          "name": "DSA-986",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-986"
        },
        {
          "name": "DSA-985",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-985"
        },
        {
          "name": "ADV-2006-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0496"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
        },
        {
          "name": "GLSA-200602-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.gleg.net/protover_ssl.shtml"
        },
        {
          "name": "gnutls-libtasn1-der-dos(24606)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
        },
        {
          "name": "[gnutls-dev] 20060209 GnuTLS 1.3.4 - Experimental - Security release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
        },
        {
          "name": "16568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16568"
        },
        {
          "name": "18832",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18832"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
        },
        {
          "name": "USN-251-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/251-1/"
        },
        {
          "name": "19080",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19080"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
        },
        {
          "name": "20060209 ProtoVer SSL: GnuTLS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
        },
        {
          "name": "18898",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18898"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-0645",
    "datePublished": "2006-02-10T18:00:00",
    "dateReserved": "2006-02-10T00:00:00",
    "dateUpdated": "2024-08-07T16:41:29.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D499D565-3346-470E-BA08-B894C85B0312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03BD64EF-3350-4C9B-AC99-FF920D469749\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3003BBC5-47C2-4420-93C9-67144BD7E0F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D263ACB-5F52-4E89-A2C2-2D34603221D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8D228B3-3B1D-49B0-A6E2-047D10F26297\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27DD62D0-E4C8-4198-A00E-3F9061029A26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E9C3DA5-B783-4295-B5FA-7C5EAEEAD302\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAF60A33-0EAD-4A76-B863-80A3B033705D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F145DEE-054A-45BB-B4FB-6421F99150BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE3FD24E-DCE0-4228-B94D-9EE2DF151BC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"751C6875-E572-4374-97F0-9E6C93BA7B31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EAA0716-91A0-4EBD-A836-2CF57F77B158\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3A4EA1F-785D-4F26-8C60-622DC92D5019\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C22677DF-9598-47EF-8808-FB59138F6195\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1222294B-6698-47A6-9C4F-60EAA4F97D27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A787FA74-6C38-4992-A68F-5AD5281A0B78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E454AAA-CA25-45D4-B5B0-D66F1B425E29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4452648C-2AB8-43E5-8617-00134E48C7EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73FA90F4-F2FE-47FA-8F8F-150274082981\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C48CE0BF-19FA-48AE-866E-3AD4E8B6806A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC9AD82D-5320-4D1B-B222-BC7F507D9CB4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \\\"out-of-bounds access\\\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.\"}]",
      "id": "CVE-2006-0645",
      "lastModified": "2024-11-21T00:06:59.637",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-02-10T18:06:00.000",
      "references": "[{\"url\": \"http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0207.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18794\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18815\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18830\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18832\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18898\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/18918\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/19080\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/19092\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securityreason.com/securityalert/446\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id?1015612\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-985\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-986\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.gleg.net/protover_ssl.shtml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2006:039\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.osvdb.org/23054\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/archive/1/424538/100/0/threaded\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/16568\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.trustix.org/errata/2006/0008\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/0496\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24606\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://usn.ubuntu.com/251-1/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2006-0207.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18815\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18830\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18832\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18898\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18918\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/19080\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/19092\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/446\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-985\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-986\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gleg.net/protover_ssl.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2006:039\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/23054\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/424538/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/16568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.trustix.org/errata/2006/0008\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/0496\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24606\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/251-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0645\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-02-10T18:06:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \\\"out-of-bounds access\\\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D499D565-3346-470E-BA08-B894C85B0312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03BD64EF-3350-4C9B-AC99-FF920D469749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3003BBC5-47C2-4420-93C9-67144BD7E0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D263ACB-5F52-4E89-A2C2-2D34603221D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D228B3-3B1D-49B0-A6E2-047D10F26297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27DD62D0-E4C8-4198-A00E-3F9061029A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E9C3DA5-B783-4295-B5FA-7C5EAEEAD302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF60A33-0EAD-4A76-B863-80A3B033705D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F145DEE-054A-45BB-B4FB-6421F99150BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE3FD24E-DCE0-4228-B94D-9EE2DF151BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"751C6875-E572-4374-97F0-9E6C93BA7B31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAA0716-91A0-4EBD-A836-2CF57F77B158\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3A4EA1F-785D-4F26-8C60-622DC92D5019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C22677DF-9598-47EF-8808-FB59138F6195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1222294B-6698-47A6-9C4F-60EAA4F97D27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A787FA74-6C38-4992-A68F-5AD5281A0B78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E454AAA-CA25-45D4-B5B0-D66F1B425E29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4452648C-2AB8-43E5-8617-00134E48C7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73FA90F4-F2FE-47FA-8F8F-150274082981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C48CE0BF-19FA-48AE-866E-3AD4E8B6806A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC9AD82D-5320-4D1B-B222-BC7F507D9CB4\"}]}]}],\"references\":[{\"url\":\"http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0207.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18794\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18815\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18830\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18832\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18898\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/18918\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19080\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/19092\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securityreason.com/securityalert/446\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1015612\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2006/dsa-985\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2006/dsa-986\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gleg.net/protover_ssl.shtml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:039\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/23054\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/424538/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/16568\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.trustix.org/errata/2006/0008\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0496\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24606\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/251-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2006-0207.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18815\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18830\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18832\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18898\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18918\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19092\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/446\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-985\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gleg.net/protover_ssl.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/23054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/424538/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/16568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.trustix.org/errata/2006/0008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/251-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

RHSA-2006_0207

Vulnerability from csaf_redhat - Published: 2006-02-10 21:43 - Updated: 2024-11-22 00:10

Summary

Red Hat Security Advisory: gnutls security update

Notes

Topic

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

The GNU TLS Library provides support for cryptographic algorithms and protocols such as TLS. GNU TLS includes Libtasn1, a library developed for ASN.1 structures management that includes DER encoding and decoding. Several flaws were found in the way libtasn1 decodes DER. An attacker could create a carefully crafted invalid X.509 certificate in such a way that could trigger this flaw if parsed by an application that uses GNU TLS. This could lead to a denial of service (application crash). It is not certain if this issue could be escalated to allow arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0645 to this issue. In Red Hat Enterprise Linux 4, the GNU TLS library is only used by the Evolution client when connecting to an Exchange server or when publishing calendar information to a WebDAV server. Users are advised to upgrade to these updated packages, which contain a backported patch from the GNU TLS maintainers to correct this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated gnutls packages that fix a security issue are now available for Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The GNU TLS Library provides support for cryptographic algorithms and\nprotocols such as TLS. GNU TLS includes Libtasn1, a library developed for\nASN.1 structures management that includes DER encoding and decoding.\n\nSeveral flaws were found in the way libtasn1 decodes DER.  An attacker\ncould create a carefully crafted invalid X.509 certificate in such a way\nthat could trigger this flaw if parsed by an application that uses GNU TLS.\nThis could lead to a denial of service (application crash).  It is not\ncertain if this issue could be escalated to allow arbitrary code execution. \nThe Common Vulnerabilities and Exposures project assigned the name\nCVE-2006-0645 to this issue.\n\nIn Red Hat Enterprise Linux 4, the GNU TLS library is only used by the\nEvolution client when connecting to an Exchange server or when publishing\ncalendar information to a WebDAV server.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch from the GNU TLS maintainers to correct this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0207",
        "url": "https://access.redhat.com/errata/RHSA-2006:0207"
      },
      {
        "category": "external",
        "summary": "180903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=180903"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0207.json"
      }
    ],
    "title": "Red Hat Security Advisory: gnutls security update",
    "tracking": {
      "current_release_date": "2024-11-22T00:10:18+00:00",
      "generator": {
        "date": "2024-11-22T00:10:18+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2006:0207",
      "initial_release_date": "2006-02-10T21:43:00+00:00",
      "revision_history": [
        {
          "date": "2006-02-10T21:43:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-02-10T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T00:10:18+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.src",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.src",
                  "product_id": "gnutls-0:1.0.20-3.2.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ppc64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ppc64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0645",
      "discovery_date": "2006-02-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "184097"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "- libtasn1 buffer overflow",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:gnutls-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-0:1.0.20-3.2.2.ppc64",
          "4AS:gnutls-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-0:1.0.20-3.2.2.src",
          "4AS:gnutls-0:1.0.20-3.2.2.x86_64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-0:1.0.20-3.2.2.src",
          "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-0:1.0.20-3.2.2.ppc64",
          "4ES:gnutls-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-0:1.0.20-3.2.2.src",
          "4ES:gnutls-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-0:1.0.20-3.2.2.ppc64",
          "4WS:gnutls-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-0:1.0.20-3.2.2.src",
          "4WS:gnutls-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-0645"
        },
        {
          "category": "external",
          "summary": "RHBZ#184097",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=184097"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-0645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0645"
        }
      ],
      "release_date": "2006-02-09T15:38:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-02-10T21:43:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "4AS:gnutls-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-0:1.0.20-3.2.2.ppc64",
            "4AS:gnutls-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-0:1.0.20-3.2.2.src",
            "4AS:gnutls-0:1.0.20-3.2.2.x86_64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-0:1.0.20-3.2.2.src",
            "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-0:1.0.20-3.2.2.ppc64",
            "4ES:gnutls-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-0:1.0.20-3.2.2.src",
            "4ES:gnutls-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-0:1.0.20-3.2.2.ppc64",
            "4WS:gnutls-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-0:1.0.20-3.2.2.src",
            "4WS:gnutls-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0207"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "- libtasn1 buffer overflow"
    }
  ]
}

RHSA-2006:0207

Vulnerability from csaf_redhat - Published: 2006-02-10 21:43 - Updated: 2025-11-21 17:30

Summary

Red Hat Security Advisory: gnutls security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated gnutls packages that fix a security issue are now available for Red\nHat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The GNU TLS Library provides support for cryptographic algorithms and\nprotocols such as TLS. GNU TLS includes Libtasn1, a library developed for\nASN.1 structures management that includes DER encoding and decoding.\n\nSeveral flaws were found in the way libtasn1 decodes DER.  An attacker\ncould create a carefully crafted invalid X.509 certificate in such a way\nthat could trigger this flaw if parsed by an application that uses GNU TLS.\nThis could lead to a denial of service (application crash).  It is not\ncertain if this issue could be escalated to allow arbitrary code execution. \nThe Common Vulnerabilities and Exposures project assigned the name\nCVE-2006-0645 to this issue.\n\nIn Red Hat Enterprise Linux 4, the GNU TLS library is only used by the\nEvolution client when connecting to an Exchange server or when publishing\ncalendar information to a WebDAV server.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch from the GNU TLS maintainers to correct this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0207",
        "url": "https://access.redhat.com/errata/RHSA-2006:0207"
      },
      {
        "category": "external",
        "summary": "180903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=180903"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0207.json"
      }
    ],
    "title": "Red Hat Security Advisory: gnutls security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:30:03+00:00",
      "generator": {
        "date": "2025-11-21T17:30:03+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2006:0207",
      "initial_release_date": "2006-02-10T21:43:00+00:00",
      "revision_history": [
        {
          "date": "2006-02-10T21:43:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-02-10T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:30:03+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.i386",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.i386",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.src",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.src",
                  "product_id": "gnutls-0:1.0.20-3.2.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.ppc64",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.ppc64",
                  "product_id": "gnutls-0:1.0.20-3.2.2.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnutls-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls@1.0.20-3.2.2?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-debuginfo@1.0.20-3.2.2?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnutls-devel-0:1.0.20-3.2.2.s390",
                "product": {
                  "name": "gnutls-devel-0:1.0.20-3.2.2.s390",
                  "product_id": "gnutls-devel-0:1.0.20-3.2.2.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnutls-devel@1.0.20-3.2.2?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.src"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.i386"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.s390"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnutls-devel-0:1.0.20-3.2.2.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        },
        "product_reference": "gnutls-devel-0:1.0.20-3.2.2.x86_64",
        "relates_to_product_reference": "4WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-0645",
      "discovery_date": "2006-02-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "184097"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "- libtasn1 buffer overflow",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:gnutls-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-0:1.0.20-3.2.2.ppc64",
          "4AS:gnutls-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-0:1.0.20-3.2.2.src",
          "4AS:gnutls-0:1.0.20-3.2.2.x86_64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64",
          "4Desktop:gnutls-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-0:1.0.20-3.2.2.src",
          "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-0:1.0.20-3.2.2.ppc64",
          "4ES:gnutls-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-0:1.0.20-3.2.2.src",
          "4ES:gnutls-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-0:1.0.20-3.2.2.ppc64",
          "4WS:gnutls-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-0:1.0.20-3.2.2.src",
          "4WS:gnutls-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.i386",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.s390",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x",
          "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-0645"
        },
        {
          "category": "external",
          "summary": "RHBZ#184097",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=184097"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-0645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-0645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-0645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0645"
        }
      ],
      "release_date": "2006-02-09T15:38:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-02-10T21:43:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "4AS:gnutls-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-0:1.0.20-3.2.2.ppc64",
            "4AS:gnutls-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-0:1.0.20-3.2.2.src",
            "4AS:gnutls-0:1.0.20-3.2.2.x86_64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4AS:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-0:1.0.20-3.2.2.ppc64",
            "4Desktop:gnutls-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-0:1.0.20-3.2.2.src",
            "4Desktop:gnutls-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4Desktop:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-0:1.0.20-3.2.2.ppc64",
            "4ES:gnutls-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-0:1.0.20-3.2.2.src",
            "4ES:gnutls-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4ES:gnutls-devel-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-0:1.0.20-3.2.2.ppc64",
            "4WS:gnutls-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-0:1.0.20-3.2.2.src",
            "4WS:gnutls-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.ppc64",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-debuginfo-0:1.0.20-3.2.2.x86_64",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.i386",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.ia64",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.ppc",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.s390",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.s390x",
            "4WS:gnutls-devel-0:1.0.20-3.2.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0207"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "- libtasn1 buffer overflow"
    }
  ]
}

FKIE_CVE-2006-0645

Vulnerability from fkie_nvd - Published: 2006-02-10 18:06 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

	URL	Tags
	secalert@redhat.com	http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup
	secalert@redhat.com	http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror&view=markup
	secalert@redhat.com	http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch
	secalert@redhat.com	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html
	secalert@redhat.com	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html
	secalert@redhat.com	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2006-0207.html
	secalert@redhat.com	http://secunia.com/advisories/18794
	secalert@redhat.com	http://secunia.com/advisories/18815
	secalert@redhat.com	http://secunia.com/advisories/18830
	secalert@redhat.com	http://secunia.com/advisories/18832
	secalert@redhat.com	http://secunia.com/advisories/18898
	secalert@redhat.com	http://secunia.com/advisories/18918
	secalert@redhat.com	http://secunia.com/advisories/19080
	secalert@redhat.com	http://secunia.com/advisories/19092
	secalert@redhat.com	http://securityreason.com/securityalert/446
	secalert@redhat.com	http://securitytracker.com/id?1015612
	secalert@redhat.com	http://www.debian.org/security/2006/dsa-985
	secalert@redhat.com	http://www.debian.org/security/2006/dsa-986
	secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml
	secalert@redhat.com	http://www.gleg.net/protover_ssl.shtml
	secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:039
	secalert@redhat.com	http://www.osvdb.org/23054
	secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html
	secalert@redhat.com	http://www.securityfocus.com/archive/1/424538/100/0/threaded
	secalert@redhat.com	http://www.securityfocus.com/bid/16568
	secalert@redhat.com	http://www.trustix.org/errata/2006/0008
	secalert@redhat.com	http://www.vupen.com/english/advisories/2006/0496
	secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24606
	secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540
	secalert@redhat.com	https://usn.ubuntu.com/251-1/
	af854a3a-2127-422b-91ae-364da2661108	http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup
	af854a3a-2127-422b-91ae-364da2661108	http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror&view=markup
	af854a3a-2127-422b-91ae-364da2661108	http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch
	af854a3a-2127-422b-91ae-364da2661108	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2006-0207.html
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18794
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18815
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18830
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18832
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18898
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18918
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19080
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19092
	af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/446
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015612
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-985
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-986
	af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml
	af854a3a-2127-422b-91ae-364da2661108	http://www.gleg.net/protover_ssl.shtml
	af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:039
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23054
	af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424538/100/0/threaded
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16568
	af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0008
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0496
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24606
	af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540
	af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/251-1/

Impacted products

Vendor	Product	Version
free_software_foundation_inc.	libtasn1	0.1.0
free_software_foundation_inc.	libtasn1	0.1.1
free_software_foundation_inc.	libtasn1	0.1.2
free_software_foundation_inc.	libtasn1	0.2.0
free_software_foundation_inc.	libtasn1	0.2.1
free_software_foundation_inc.	libtasn1	0.2.2
free_software_foundation_inc.	libtasn1	0.2.3
free_software_foundation_inc.	libtasn1	0.2.4
free_software_foundation_inc.	libtasn1	0.2.5
free_software_foundation_inc.	libtasn1	0.2.6
free_software_foundation_inc.	libtasn1	0.2.7
free_software_foundation_inc.	libtasn1	0.2.8
free_software_foundation_inc.	libtasn1	0.2.9
free_software_foundation_inc.	libtasn1	0.2.10
free_software_foundation_inc.	libtasn1	0.2.11
free_software_foundation_inc.	libtasn1	0.2.12
free_software_foundation_inc.	libtasn1	0.2.13
free_software_foundation_inc.	libtasn1	0.2.14
free_software_foundation_inc.	libtasn1	0.2.15
free_software_foundation_inc.	libtasn1	0.2.16
free_software_foundation_inc.	libtasn1	0.2.17

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D499D565-3346-470E-BA08-B894C85B0312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "03BD64EF-3350-4C9B-AC99-FF920D469749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3003BBC5-47C2-4420-93C9-67144BD7E0F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D263ACB-5F52-4E89-A2C2-2D34603221D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D228B3-3B1D-49B0-A6E2-047D10F26297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27DD62D0-E4C8-4198-A00E-3F9061029A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E9C3DA5-B783-4295-B5FA-7C5EAEEAD302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF60A33-0EAD-4A76-B863-80A3B033705D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F145DEE-054A-45BB-B4FB-6421F99150BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE3FD24E-DCE0-4228-B94D-9EE2DF151BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "751C6875-E572-4374-97F0-9E6C93BA7B31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EAA0716-91A0-4EBD-A836-2CF57F77B158",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A4EA1F-785D-4F26-8C60-622DC92D5019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C22677DF-9598-47EF-8808-FB59138F6195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1222294B-6698-47A6-9C4F-60EAA4F97D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A787FA74-6C38-4992-A68F-5AD5281A0B78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E454AAA-CA25-45D4-B5B0-D66F1B425E29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4452648C-2AB8-43E5-8617-00134E48C7EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "73FA90F4-F2FE-47FA-8F8F-150274082981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C48CE0BF-19FA-48AE-866E-3AD4E8B6806A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9AD82D-5320-4D1B-B222-BC7F507D9CB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite."
    }
  ],
  "id": "CVE-2006-0645",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-02-10T18:06:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18794"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18815"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18830"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18832"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18898"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18918"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19080"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19092"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/446"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015612"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-985"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-986"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gleg.net/protover_ssl.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/23054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/16568"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0496"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/251-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18815"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18830"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gleg.net/protover_ssl.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/23054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/251-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-0645

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-0645

Aliases

CVE-2006-0645

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0645",
    "description": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.",
    "id": "GSD-2006-0645",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-0645.html",
      "https://www.debian.org/security/2006/dsa-986",
      "https://www.debian.org/security/2006/dsa-985",
      "https://access.redhat.com/errata/RHSA-2006:0207"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0645"
      ],
      "details": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.",
      "id": "GSD-2006-0645",
      "modified": "2023-12-13T01:19:50.393013Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2006-0645",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.trustix.org/errata/2006/0008",
            "refsource": "MISC",
            "url": "http://www.trustix.org/errata/2006/0008"
          },
          {
            "name": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup",
            "refsource": "MISC",
            "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
          },
          {
            "name": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup",
            "refsource": "MISC",
            "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
          },
          {
            "name": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch",
            "refsource": "MISC",
            "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
          },
          {
            "name": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html",
            "refsource": "MISC",
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
          },
          {
            "name": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html",
            "refsource": "MISC",
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
          },
          {
            "name": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html",
            "refsource": "MISC",
            "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2006-0207.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
          },
          {
            "name": "http://secunia.com/advisories/18794",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18794"
          },
          {
            "name": "http://secunia.com/advisories/18815",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18815"
          },
          {
            "name": "http://secunia.com/advisories/18830",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18830"
          },
          {
            "name": "http://secunia.com/advisories/18832",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18832"
          },
          {
            "name": "http://secunia.com/advisories/18898",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18898"
          },
          {
            "name": "http://secunia.com/advisories/18918",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18918"
          },
          {
            "name": "http://secunia.com/advisories/19080",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19080"
          },
          {
            "name": "http://secunia.com/advisories/19092",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19092"
          },
          {
            "name": "http://securityreason.com/securityalert/446",
            "refsource": "MISC",
            "url": "http://securityreason.com/securityalert/446"
          },
          {
            "name": "http://securitytracker.com/id?1015612",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1015612"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-985",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-985"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-986",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-986"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
          },
          {
            "name": "http://www.gleg.net/protover_ssl.shtml",
            "refsource": "MISC",
            "url": "http://www.gleg.net/protover_ssl.shtml"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
          },
          {
            "name": "http://www.osvdb.org/23054",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/23054"
          },
          {
            "name": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/424538/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/16568",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/16568"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/0496",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/0496"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
          },
          {
            "name": "https://usn.ubuntu.com/251-1/",
            "refsource": "MISC",
            "url": "https://usn.ubuntu.com/251-1/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:free_software_foundation_inc.:libtasn1:0.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2006-0645"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.gleg.net/protover_ssl.shtml",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.gleg.net/protover_ssl.shtml"
            },
            {
              "name": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch",
              "refsource": "MISC",
              "tags": [],
              "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
            },
            {
              "name": "[gnutls-dev] 20060209 Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
            },
            {
              "name": "[gnutls-dev] 20060209 GnuTLS 1.2.10 - Security release",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
            },
            {
              "name": "[gnutls-dev] 20060209 GnuTLS 1.3.4 - Experimental - Security release",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
            },
            {
              "name": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup",
              "refsource": "MISC",
              "tags": [],
              "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
            },
            {
              "name": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
            },
            {
              "name": "FEDORA-2006-107",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
            },
            {
              "name": "RHSA-2006:0207",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
            },
            {
              "name": "23054",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/23054"
            },
            {
              "name": "1015612",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015612"
            },
            {
              "name": "18794",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18794"
            },
            {
              "name": "18815",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18815"
            },
            {
              "name": "18830",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18830"
            },
            {
              "name": "18832",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18832"
            },
            {
              "name": "GLSA-200602-08",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
            },
            {
              "name": "16568",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/16568"
            },
            {
              "name": "18918",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18918"
            },
            {
              "name": "18898",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18898"
            },
            {
              "name": "2006-0008",
              "refsource": "TRUSTIX",
              "tags": [],
              "url": "http://www.trustix.org/errata/2006/0008"
            },
            {
              "name": "DSA-986",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-986"
            },
            {
              "name": "DSA-985",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-985"
            },
            {
              "name": "19080",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19080"
            },
            {
              "name": "19092",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19092"
            },
            {
              "name": "MDKSA-2006:039",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
            },
            {
              "name": "446",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/446"
            },
            {
              "name": "ADV-2006-0496",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0496"
            },
            {
              "name": "gnutls-libtasn1-der-dos(24606)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
            },
            {
              "name": "oval:org.mitre.oval:def:10540",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
            },
            {
              "name": "USN-251-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/251-1/"
            },
            {
              "name": "20060209 ProtoVer SSL: GnuTLS",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-19T15:45Z",
      "publishedDate": "2006-02-10T18:06Z"
    }
  }
}

GHSA-2W9R-MR74-QJ9P

Vulnerability from github – Published: 2022-05-01 06:41 – Updated: 2025-04-03 04:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0645"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-02-10T18:06:00Z",
    "severity": "HIGH"
  },
  "details": "Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via \"out-of-bounds access\" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.",
  "id": "GHSA-2w9r-mr74-qj9p",
  "modified": "2025-04-03T04:26:27Z",
  "published": "2022-05-01T06:41:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0645"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24606"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/251-1"
    },
    {
      "type": "WEB",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup"
    },
    {
      "type": "WEB",
      "url": "http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror\u0026view=markup"
    },
    {
      "type": "WEB",
      "url": "http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch"
    },
    {
      "type": "WEB",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0207.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18794"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18815"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18830"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18832"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18898"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18918"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19080"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19092"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/446"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015612"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-985"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-986"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.gleg.net/protover_ssl.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:039"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/23054"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/424538/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/16568"
    },
    {
      "type": "WEB",
      "url": "http://www.trustix.org/errata/2006/0008"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0496"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-0645 (GCVE-0-2006-0645)

RHSA-2006_0207

RHSA-2006:0207

FKIE_CVE-2006-0645

GSD-2006-0645

GHSA-2W9R-MR74-QJ9P

Tags

Sightings

Nomenclature