Summary
The remote host is missing an update to gnutls
announced via advisory FEDORA-2009-8565.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update gnutls' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8565
Insight
Update Information:
This update fixes handling of NUL characters in certificate Common Name or subjectAltName fields especially in regards to comparsion to hostnames.
ChangeLog:
* Wed Sep 23 2009 Tomas Mraz 2.6.6-3
- fix handling of hostname in openpgp certificates * Fri Aug 14 2009 Tomas Mraz 2.6.6-2
- fix CVE-2009-2730 - handling of NUL chars in certificate CNs and SANs
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-2730 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities