CVE-2005-1431Gnutls vulnerability

6 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
1.4%
top 19.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Gnutls
Timeline
PublishedMay 3
Latest updateMay 1

Description

The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDgnu/gnutls10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-mcj4-5q8p-wx2v: The "record packet parsing" in GnuTLS 12022-05-01
CVEList
CVE-2005-1431: The "record packet parsing" in GnuTLS 12005-05-03

📋Vendor Advisories

2
Ubuntu
GNU TLS library vulnerability2005-05-13
Red Hat
gnutls record packet parsing DoS [GNUTLS-SA-2005-1]2005-04-28

💬Community

1
Bugzilla
CVE-2005-1431 gnutls record packet parsing DoS [GNUTLS-SA-2005-1]2005-05-04
CVE-2005-1431 — GNU Gnutls vulnerability | cvebase