Think you have a false positive on this rule?

Sid 1-31176

Message

SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt

Summary

Buffer overflow in the readserverhello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

Impact

CVSS base score 6.8 CVSS impact score 6.4 CVSS exploitability score 8.6 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2014-3466:

CVSS base score 6.8

CVSS impact score 6.4

CVSS exploitability score 8.6

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2014-3466: Buffer overflow in the readserverhello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

Affected systems

  • gnu gnutls 3.1.0
  • gnu gnutls 3.1.1
  • gnu gnutls 3.1.2
  • gnu gnutls 3.1.3
  • gnu gnutls 3.1.4
  • gnu gnutls 3.1.5
  • gnu gnutls 3.1.6
  • gnu gnutls 3.1.7
  • gnu gnutls 3.1.8
  • gnu gnutls 3.1.9
  • gnu gnutls 3.1.10
  • gnu gnutls 3.1.11
  • gnu gnutls 3.1.12
  • gnu gnutls 3.1.13
  • gnu gnutls 3.1.14
  • gnu gnutls 3.1.15
  • gnu gnutls 3.1.16
  • gnu gnutls 3.1.17
  • gnu gnutls 3.1.18
  • gnu gnutls 3.1.19
  • gnu gnutls 3.1.20
  • gnu gnutls 3.1.21
  • gnu gnutls 3.1.22
  • gnu gnutls 3.1.23
  • gnu gnutls 3.1.24
  • gnu gnutls 3.2.0
  • gnu gnutls 3.2.1
  • gnu gnutls 3.2.2
  • gnu gnutls 3.2.3
  • gnu gnutls 3.2.4
  • gnu gnutls 3.2.5
  • gnu gnutls 3.2.6
  • gnu gnutls 3.2.7
  • gnu gnutls 3.2.8
  • gnu gnutls 3.2.8.1
  • gnu gnutls 3.2.9
  • gnu gnutls 3.2.10
  • gnu gnutls 3.2.11
  • gnu gnutls 3.2.12
  • gnu gnutls 3.2.12.1
  • gnu gnutls 3.2.13
  • gnu gnutls 3.2.14
  • gnu gnutls 3.3.0
  • gnu gnutls 3.3.1
  • gnu gnutls 3.3.2
  • gnu gnutls 3.3.3

Ease of attack

CVE-2014-3466:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • gnutls.org/security.html#GNUTLS-SA-2014-3
  • osvdb.org/show/osvdb/107564