gnutls: code execution
| Package(s): | gnutls | CVE #(s): | CVE-2013-4466 | ||||||||||||
| Created: | October 29, 2013 | Updated: | December 1, 2013 | ||||||||||||
| Description: | From the Red Hat bugzilla:
Upstream GnuTLS versions 3.1.15 and 3.2.5 correct a buffer overflow in dane_query_tlsa() function used to parse DANE (DNS-based Authentication of Named Entities) DNS records. The function parses DNS server reply into dane_query_st / dane_query_t struct which can hold up to 4 entries, but the function failed to check this and allowed parsing more then 4 entries form the reply, resulting in buffer overflow. An application using DANE protocol to verify certificates could crash or, possibly, execute arbitrary code when parsing a response from a malicious DNS server. | ||||||||||||||
| Alerts: |
| ||||||||||||||