SuSE 11.3 Security Update : GnuTLS (SAT Patch Number 10536)

Medium Nessus Plugin ID 82639


The remote SuSE 11 host is missing one or more security updates.


GnuTLS was updated to fix two security issues :

- A certificate algorithm consistency checking issue was fixed, where GnuTLS did not check whether the two signature algorithms match on certificate import. This problem is not deemed to be exploitable currently.

- GNUTLS-SA-2015-1: GnuTLS did not verify the RSA PKCS #1 signature algorithm to match the signature algorithm in the certificate, leading to a potential downgrade to a disallowed algorithm, such as MD5, without detecting it.


Apply SAT patch number 10536.

See Also

Plugin Details

Severity: Medium

ID: 82639

File Name: suse_11_gnutls-150325.nasl

Version: $Revision: 1.1 $

Type: local

Agent: unix

Published: 2015/04/08

Modified: 2015/04/08

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:gnutls, p-cpe:/a:novell:suse_linux:11:libgnutls-extra26, p-cpe:/a:novell:suse_linux:11:libgnutls26, p-cpe:/a:novell:suse_linux:11:libgnutls26-32bit, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2015/03/25

Reference Information

CVE: CVE-2014-8155, CVE-2015-0282, CVE-2015-0294