Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Alban Crequy discovered that the GnuTLS library incorrectly checked
array bounds when copying TLS session data. A remote attacker could
crash a client application, leading to a denial of service, as the
client application prepared for TLS session resumption.
Matthew Hall discovered that the GnuTLS library incorrectly handled
TLS records. A remote attacker could crash client and server
applications, leading to a denial of service, by sending a crafted TLS
Update the affected libgnutls13 and / or libgnutls26 packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false