Signature Detail

Short Name	SSL:GNUTLS-TLS-RECORD-MC
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	SSL
Keywords	GnuTLS TLS Record Decoding Out-of-bounds Memory Access
Release Date	2014/03/20
Update Number	2355
Supported Platforms	idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SSL: GnuTLS TLS Record Decoding Out-of-bounds Memory Access

This signature detects attempts to exploit a known vulnerability in in GnuTLS. The vulnerability is due to an error in the function _gnutls_ciphertext2compressed(). A remote attacker could exploit this vulnerability to cause an affected server or a client application to crash resulting in a denial-of-service condition.

Extended Description

The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169.

Affected Products

gnu gnutls 2.12.23

References

BugTraq: 60215
CVE: CVE-2013-2116

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SSL: GnuTLS TLS Record Decoding Out-of-bounds Memory Access

Extended Description

Affected Products

References