SuSE 11.3 Security Update : GnuTLS (SAT Patch Number 10536)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

GnuTLS was updated to fix two security issues :

- A certificate algorithm consistency checking issue was
fixed, where GnuTLS did not check whether the two
signature algorithms match on certificate import. This
problem is not deemed to be exploitable currently.
(CVE-2015-0294)

- GNUTLS-SA-2015-1: GnuTLS did not verify that the RSA
PKCS #1 signature algorithm matches the signature
algorithm in the certificate, which could allow an
undetected downgrade to a disallowed algorithm such as
MD5. (CVE-2015-0282)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=919938
https://bugzilla.novell.com/show_bug.cgi?id=921684
http://support.novell.com/security/cve/CVE-2014-8155.html
http://support.novell.com/security/cve/CVE-2015-0282.html
http://support.novell.com/security/cve/CVE-2015-0294.html

Solution :

Apply SAT patch number 10536.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 82639

CVE ID: CVE-2014-8155, CVE-2015-0282, CVE-2015-0294
