The remote host is probably affected by the vulnerabilities described in CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

CVE-2008-1948 The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1. CVE-2008-1949 The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2. CVE 2008-1950 Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3.

All GnuTLS users should upgrade to the latest version:

• http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948
• http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949
• http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950

---

Updated on 2015-03-25