OVAL Reference oval:org.opensuse.security:def:20081948

Oval Definition:

oval:org.opensuse.security:def:20081948

Revision Date:	2022-06-30	Version:	1
Title:	CVE-2008-1948
Description:	The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2008-1948 Mitre CVE-2008-1948 SUSE CVE-2008-1948 SUSE-SA:2008:046 SUSE-SA:2008:046
Platform(s):	Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 openSUSE 10.3 openSUSE Tumbleweed SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4	Product(s):
Definition Synopsis
sles9-nld is installed AND Package Information gnutls-32bit less than 9-200808211659 OR gnutls-devel-32bit less than 9-200808211659 OR gnutls-devel less than 1.0.8-26.15 OR gnutls less than 1.0.8-26.15
Definition Synopsis
suse103 is installed AND Package Information gnutls-32bit less than 1.6.1-36.2 OR gnutls-64bit less than 1.6.1-36.2 OR gnutls-devel-32bit less than 1.6.1-36.2 OR gnutls-devel-64bit less than 1.6.1-36.2 OR gnutls-devel less than 1.6.1-36.2 OR gnutls less than 1.6.1-36.2
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND gnutls-2.4.1-24.39.33.1 is installed OR libgnutls26-2.4.1-24.39.33.1 is installed OR libgnutls26-32bit-2.4.1-24.39.33.1 is installed OR libgnutls26-x86-2.4.1-24.39.33.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.45.1 is installed OR libgnutls-extra26-2.4.1-24.39.45.1 is installed OR libgnutls26-2.4.1-24.39.45.1 is installed OR libgnutls26-32bit-2.4.1-24.39.45.1 is installed OR libgnutls26-x86-2.4.1-24.39.45.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND gnutls-2.4.1-24.39.55.1 is installed OR libgnutls-extra26-2.4.1-24.39.55.1 is installed OR libgnutls26-2.4.1-24.39.55.1 is installed OR libgnutls26-32bit-2.4.1-24.39.55.1 is installed OR libgnutls26-x86-2.4.1-24.39.55.1 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libgnutls-devel-2.4.1-24.39.55.1 is installed OR libgnutls-extra-devel-2.4.1-24.39.55.1 is installed OR libgnutls-extra26-2.4.1-24.39.55.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND gnutls-2.4.1-24.39.33.1 is installed OR libgnutls26-2.4.1-24.39.33.1 is installed OR libgnutls26-32bit-2.4.1-24.39.33.1 is installed OR libgnutls26-x86-2.4.1-24.39.33.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.45.1 is installed OR libgnutls-extra26-2.4.1-24.39.45.1 is installed OR libgnutls26-2.4.1-24.39.45.1 is installed OR libgnutls26-32bit-2.4.1-24.39.45.1 is installed OR libgnutls26-x86-2.4.1-24.39.45.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND gnutls-2.4.1-24.39.55.1 is installed OR libgnutls-extra26-2.4.1-24.39.55.1 is installed OR libgnutls26-2.4.1-24.39.55.1 is installed OR libgnutls26-32bit-2.4.1-24.39.55.1 is installed OR libgnutls26-x86-2.4.1-24.39.55.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.45.1 is installed OR libgnutls-extra26-2.4.1-24.39.45.1 is installed OR libgnutls26-2.4.1-24.39.45.1 is installed OR libgnutls26-32bit-2.4.1-24.39.45.1 is installed OR libgnutls26-x86-2.4.1-24.39.45.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND gnutls-2.4.1-24.39.55.1 is installed OR libgnutls-extra26-2.4.1-24.39.55.1 is installed OR libgnutls26-2.4.1-24.39.55.1 is installed OR libgnutls26-32bit-2.4.1-24.39.55.1 is installed OR libgnutls26-x86-2.4.1-24.39.55.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information gnutls-2.4.1-24.39.45 is installed OR libgnutls-extra26-2.4.1-24.39.45 is installed OR libgnutls26-2.4.1-24.39.45 is installed OR libgnutls26-32bit-2.4.1-24.39.45 is installed OR libgnutls26-x86-2.4.1-24.39.45 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed AND gnutls-2.4.1-24.19 is installed OR libgnutls26-2.4.1-24.19 is installed OR libgnutls26-32bit-2.4.1-24.19 is installed OR libgnutls26-x86-2.4.1-24.19 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND gnutls-2.4.1-24.39.33 is installed OR libgnutls26-2.4.1-24.39.33 is installed OR libgnutls26-32bit-2.4.1-24.39.33 is installed OR libgnutls26-x86-2.4.1-24.39.33 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.45 is installed OR libgnutls-extra26-2.4.1-24.39.45 is installed OR libgnutls26-2.4.1-24.39.45 is installed OR libgnutls26-32bit-2.4.1-24.39.45 is installed OR libgnutls26-x86-2.4.1-24.39.45 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND gnutls-2.4.1-24.39.55 is installed OR libgnutls-extra26-2.4.1-24.39.55 is installed OR libgnutls26-2.4.1-24.39.55 is installed OR libgnutls26-32bit-2.4.1-24.39.55 is installed OR libgnutls26-x86-2.4.1-24.39.55 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND libgnutls-devel-2.4.1-24.39.55 is installed OR libgnutls-extra-devel-2.4.1-24.39.55 is installed OR libgnutls-extra26-2.4.1-24.39.55 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 11 SP1 is installed AND gnutls-2.4.1-24.19.1 is installed OR libgnutls26-2.4.1-24.19.1 is installed OR libgnutls26-32bit-2.4.1-24.19.1 is installed OR libgnutls26-x86-2.4.1-24.19.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP2 is installed AND gnutls-2.4.1-24.39.33.1 is installed OR libgnutls26-2.4.1-24.39.33.1 is installed OR libgnutls26-32bit-2.4.1-24.39.33.1 is installed OR libgnutls26-x86-2.4.1-24.39.33.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP3 is installed AND gnutls-2.4.1-24.39.45.1 is installed OR libgnutls-extra26-2.4.1-24.39.45.1 is installed OR libgnutls26-2.4.1-24.39.45.1 is installed OR libgnutls26-32bit-2.4.1-24.39.45.1 is installed OR libgnutls26-x86-2.4.1-24.39.45.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed AND gnutls-2.4.1-24.39.55.1 is installed OR libgnutls-extra26-2.4.1-24.39.55.1 is installed OR libgnutls26-2.4.1-24.39.55.1 is installed OR libgnutls26-32bit-2.4.1-24.39.55.1 is installed OR libgnutls26-x86-2.4.1-24.39.55.1 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information gnutls-3.7.2-1.2 is installed OR gnutls-guile-3.7.2-1.2 is installed OR libgnutls-dane-devel-3.7.2-1.2 is installed OR libgnutls-dane0-3.7.2-1.2 is installed OR libgnutls-devel-3.7.2-1.2 is installed OR libgnutls-devel-32bit-3.7.2-1.2 is installed OR libgnutls30-3.7.2-1.2 is installed OR libgnutls30-32bit-3.7.2-1.2 is installed OR libgnutls30-hmac-3.7.2-1.2 is installed OR libgnutlsxx-devel-3.7.2-1.2 is installed OR libgnutlsxx28-3.7.2-1.2 is installed

BACK