National Vulnerability Database

CVE-2014-3466 Detail

Description

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

Source: MITRE
Last Modified: 06/03/2014

Quick Info

CVE Dictionary Entry: CVE-2014-3466
Original release date: 06/03/2014
Last revised: 12/28/2017
Source: US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score: 6.8 MEDIUM
Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Impact Subscore: 6.4
Exploitability Subscore: 8.6

CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

| Hyperlink | Resource | Type | Source | Name |
|---|---|---|---|---|
| http://linux.oracle.com/errata/ELSA-2014-0594.html | | External Source | CONFIRM | http://linux.oracle.com/errata/ELSA-2014-0594.html |
| http://linux.oracle.com/errata/ELSA-2014-0595.html | | External Source | CONFIRM | http://linux.oracle.com/errata/ELSA-2014-0595.html |
| http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html | | External Source | SUSE | SUSE-SU-2014:0758 |
| http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html | | External Source | SUSE | openSUSE-SU-2014:0763 |
| http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html | | External Source | SUSE | openSUSE-SU-2014:0767 |
| http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html | | External Source | SUSE | SUSE-SU-2014:0788 |
| http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/ | Exploit | External Source | MISC | http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/ |
| http://rhn.redhat.com/errata/RHSA-2014-0594.html | | External Source | REDHAT | RHSA-2014:0594 |
| http://rhn.redhat.com/errata/RHSA-2014-0595.html | | External Source | REDHAT | RHSA-2014:0595 |
| http://rhn.redhat.com/errata/RHSA-2014-0684.html | | External Source | REDHAT | RHSA-2014:0684 |
| http://rhn.redhat.com/errata/RHSA-2014-0815.html | | External Source | REDHAT | RHSA-2014:0815 |
| http://secunia.com/advisories/59408 | | External Source | SECUNIA | 59408 |
| http://secunia.com/advisories/60384 | | External Source | SECUNIA | 60384 |
| http://www.debian.org/security/2014/dsa-2944 | | External Source | DEBIAN | DSA-2944 |
| http://www.gnutls.org/security.html | Vendor Advisory | External Source | CONFIRM | http://www.gnutls.org/security.html |
| http://www.novell.com/support/kb/doc.php?id=7015302 | | External Source | CONFIRM | http://www.novell.com/support/kb/doc.php?id=7015302 |
| http://www.novell.com/support/kb/doc.php?id=7015303 | | External Source | CONFIRM | http://www.novell.com/support/kb/doc.php?id=7015303 |
| http://www.securityfocus.com/bid/67741 | | External Source | BID | 67741 |
| http://www.securitytracker.com/id/1030314 | | External Source | SECTRACK | 1030314 |
| http://www.ubuntu.com/usn/USN-2229-1 | | External Source | UBUNTU | USN-2229-1 |
| http://www-01.ibm.com/support/docview.wss?uid=swg21678776 | | External Source | CONFIRM | http://www-01.ibm.com/support/docview.wss?uid=swg21678776 |
| http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155 | | External Source | CONFIRM | http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155 |
| https://bugzilla.redhat.com/show_bug.cgi?id=1101932 | | External Source | CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=1101932 |
| https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd | Exploit; Patch | External Source | CONFIRM | https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd |

Technical Details

Vulnerability Type

Vulnerable software and versions

Configuration 1
OR
cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.3.0:pre0:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.3.3:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.15:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.17:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.18:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.19:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.20:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.21:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.22:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.23:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:* (versions up to and including 3.1.24)
Configuration 3
OR
cpe:2.3:a:gnu:gnutls:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.14:*:*:*:*:*:*:*
