Security Advisory

CVE-2008-1949

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-05-21 10:00:00

Last updated 2024-08-07 08:41:00

Assigner redhat

State PUBLISHED

Description

The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to cause a denial of service (NULL dereference and crash) via a TLS message containing multiple Client Hello messages, aka GNUTLS-SA-2008-1-2.

← Browse all CVEs View on cve.org ↗