製品・ソフトウェアに関する情報

JVN脆弱性詳細

GnuTLS の lib/gnutls_handshake.c の read_server_hello 関数におけるバッファオーバーフローの脆弱性

Title	GnuTLS の lib/gnutls_handshake.c の read_server_hello 関数におけるバッファオーバーフローの脆弱性
Summary	GnuTLS の lib/gnutls_handshake.c の read_server_hello 関数には、バッファオーバーフローの脆弱性が存在します。
Possible impacts	リモートサーバにより、ServerHello メッセージの過度に長いセッション ID を介して、サービス運用妨害 (メモリ破損) 状態にされる、または任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	May 29, 2014, midnight
Registration Date	June 5, 2014, 1:48 p.m.
Last Update	Aug. 26, 2014, 5:40 p.m.

CVSS2.0 : 警告
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P

Affected System

IBM

IBM SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance

GNU Project

GnuTLS 3.1.25 未満

GnuTLS 3.2.15 未満の 3.2.x

GnuTLS 3.3.4 未満の 3.3.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2014-3466	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
National Vulnerability Database (NVD)
2	CVE-2014-3466	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3466

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Gitorious
1	Prevent memory corruption due to server hello parsing.	https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd
GnuTLS
2	GNUTLS-SA-2014-3	http://www.gnutls.org/security.html
IBM
3	1678776	http://www-01.ibm.com/support/docview.wss?uid=swg21678776
Oracle
4	ELSA-2014-0594	http://linux.oracle.com/errata/ELSA-2014-0594.html
5	ELSA-2014-0595	http://linux.oracle.com/errata/ELSA-2014-0595.html
Red Hat Bugzilla
6	Bug 1101932	https://bugzilla.redhat.com/show_bug.cgi?id=1101932
Red Hat Security Advisory
7	RHSA-2014:0594	http://rhn.redhat.com/errata/RHSA-2014-0594.html
8	RHSA-2014:0815	https://rhn.redhat.com/errata/RHSA-2014-0815.html
SECURITY BLOG
9	Multiple vulnerabilities in GnuTLS	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_gnutls

Change Log

No	Changed Details	Date of change
0	[2014年06月05日] 掲載 [2014年07月28日] ベンダ情報：オラクル (ELSA-2014-0594) を追加ベンダ情報：オラクル (ELSA-2014-0595) を追加ベンダ情報：オラクル (Multiple vulnerabilities in GnuTLS) を追加 [2014年08月06日] ベンダ情報：レッドハット (RHSA-2014:0815) を追加ベンダ情報：レッドハット (RHSA-2014:0594) を追加 [2014年08月26日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：IBM (1678776) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2014-3466

Summary	Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.
Publication Date	June 3, 2014, 11:55 p.m.
Registration Date	Jan. 26, 2021, 3:10 p.m.
Last Update	Nov. 21, 2024, 11:08 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:gnu:gnutls:3.3.1:::::::*
cpe:2.3:a:gnu:gnutls:3.3.0:pre0::::::
cpe:2.3:a:gnu:gnutls:3.3.3:::::::*
cpe:2.3:a:gnu:gnutls:3.3.0:-::::::
cpe:2.3:a:gnu:gnutls:3.3.2:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:gnu:gnutls:3.1.0:::::::*
cpe:2.3:a:gnu:gnutls:3.1.11:::::::*
cpe:2.3:a:gnu:gnutls:3.1.13:::::::*
cpe:2.3:a:gnu:gnutls:3.1.20:::::::*
cpe:2.3:a:gnu:gnutls:3.1.19:::::::*
cpe:2.3:a:gnu:gnutls:3.1.18:::::::*
cpe:2.3:a:gnu:gnutls:3.1.5:::::::*
cpe:2.3:a:gnu:gnutls:3.1.15:::::::*
cpe:2.3:a:gnu:gnutls:3.1.4:::::::*
cpe:2.3:a:gnu:gnutls:3.1.22:::::::*
cpe:2.3:a:gnu:gnutls:3.1.8:::::::*
cpe:2.3:a:gnu:gnutls:3.1.16:::::::*
cpe:2.3:a:gnu:gnutls:3.1.1:::::::*
cpe:2.3:a:gnu:gnutls:3.1.17:::::::*
cpe:2.3:a:gnu:gnutls:3.1.12:::::::*
cpe:2.3:a:gnu:gnutls:3.1.10:::::::*
cpe:2.3:a:gnu:gnutls:3.1.7:::::::*
cpe:2.3:a:gnu:gnutls:3.1.2:::::::*
cpe:2.3:a:gnu:gnutls:3.1.14:::::::*
cpe:2.3:a:gnu:gnutls:3.1.21:::::::*
cpe:2.3:a:gnu:gnutls::::::::		3.1.24
cpe:2.3:a:gnu:gnutls:3.1.3:::::::*
cpe:2.3:a:gnu:gnutls:3.1.6:::::::*
cpe:2.3:a:gnu:gnutls:3.1.23:::::::*
cpe:2.3:a:gnu:gnutls:3.1.9:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:gnu:gnutls:3.2.14:::::::*
cpe:2.3:a:gnu:gnutls:3.2.11:::::::*
cpe:2.3:a:gnu:gnutls:3.2.3:::::::*
cpe:2.3:a:gnu:gnutls:3.2.0:::::::*
cpe:2.3:a:gnu:gnutls:3.2.1:::::::*
cpe:2.3:a:gnu:gnutls:3.2.12:::::::*
cpe:2.3:a:gnu:gnutls:3.2.8:::::::*
cpe:2.3:a:gnu:gnutls:3.2.4:::::::*
cpe:2.3:a:gnu:gnutls:3.2.12.1:::::::*
cpe:2.3:a:gnu:gnutls:3.2.9:::::::*
cpe:2.3:a:gnu:gnutls:3.2.6:::::::*
cpe:2.3:a:gnu:gnutls:3.2.10:::::::*
cpe:2.3:a:gnu:gnutls:3.2.7:::::::*
cpe:2.3:a:gnu:gnutls:3.2.2:::::::*
cpe:2.3:a:gnu:gnutls:3.2.13:::::::*
cpe:2.3:a:gnu:gnutls:3.2.5:::::::*
cpe:2.3:a:gnu:gnutls:3.2.8.1:::::::*

Related information, measures and tools

No	URL	タグ
1	http://linux.oracle.com/errata/ELSA-2014-0594.html
2	http://linux.oracle.com/errata/ELSA-2014-0594.html
3	http://linux.oracle.com/errata/ELSA-2014-0595.html
4	http://linux.oracle.com/errata/ELSA-2014-0595.html
5	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
6	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.html
7	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
8	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html
9	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
10	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00010.html
11	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html
12	http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.html
13	http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/	Exploit URL Repurposed
14	http://radare.today/technical-analysis-of-the-gnutls-hello-vulnerability/	Exploit URL Repurposed
15	http://rhn.redhat.com/errata/RHSA-2014-0594.html
16	http://rhn.redhat.com/errata/RHSA-2014-0594.html
17	http://rhn.redhat.com/errata/RHSA-2014-0595.html
18	http://rhn.redhat.com/errata/RHSA-2014-0595.html
19	http://rhn.redhat.com/errata/RHSA-2014-0684.html
20	http://rhn.redhat.com/errata/RHSA-2014-0684.html
21	http://rhn.redhat.com/errata/RHSA-2014-0815.html
22	http://rhn.redhat.com/errata/RHSA-2014-0815.html
23	http://secunia.com/advisories/58340
24	http://secunia.com/advisories/58340
25	http://secunia.com/advisories/58598
26	http://secunia.com/advisories/58598
27	http://secunia.com/advisories/58601
28	http://secunia.com/advisories/58601
29	http://secunia.com/advisories/58642
30	http://secunia.com/advisories/58642
31	http://secunia.com/advisories/59016
32	http://secunia.com/advisories/59016
33	http://secunia.com/advisories/59021
34	http://secunia.com/advisories/59021
35	http://secunia.com/advisories/59057
36	http://secunia.com/advisories/59057
37	http://secunia.com/advisories/59086
38	http://secunia.com/advisories/59086
39	http://secunia.com/advisories/59408
40	http://secunia.com/advisories/59408
41	http://secunia.com/advisories/59838
42	http://secunia.com/advisories/59838
43	http://secunia.com/advisories/60384
44	http://secunia.com/advisories/60384
45	http://www.debian.org/security/2014/dsa-2944
46	http://www.debian.org/security/2014/dsa-2944
47	http://www.gnutls.org/security.html	Vendor Advisory
48	http://www.gnutls.org/security.html	Vendor Advisory
49	http://www.novell.com/support/kb/doc.php?id=7015302
50	http://www.novell.com/support/kb/doc.php?id=7015302
51	http://www.novell.com/support/kb/doc.php?id=7015303
52	http://www.novell.com/support/kb/doc.php?id=7015303
53	http://www.securityfocus.com/bid/67741
54	http://www.securityfocus.com/bid/67741
55	http://www.securitytracker.com/id/1030314
56	http://www.securitytracker.com/id/1030314
57	http://www.ubuntu.com/usn/USN-2229-1
58	http://www.ubuntu.com/usn/USN-2229-1
59	http://www-01.ibm.com/support/docview.wss?uid=swg21678776
60	http://www-01.ibm.com/support/docview.wss?uid=swg21678776
61	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155
62	http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096155
63	https://bugzilla.redhat.com/show_bug.cgi?id=1101932
64	https://bugzilla.redhat.com/show_bug.cgi?id=1101932
65	https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd	Exploit Patch
66	https://www.gitorious.org/gnutls/gnutls/commit/688ea6428a432c39203d00acd1af0e7684e5ddfd	Exploit Patch

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:gnu:gnutls:3.1.0:::::::*
cpe:2.3:a:gnu:gnutls:3.1.11:::::::*
cpe:2.3:a:gnu:gnutls:3.1.13:::::::*
cpe:2.3:a:gnu:gnutls:3.1.20:::::::*
cpe:2.3:a:gnu:gnutls:3.1.19:::::::*
cpe:2.3:a:gnu:gnutls:3.1.18:::::::*
cpe:2.3:a:gnu:gnutls:3.1.5:::::::*
cpe:2.3:a:gnu:gnutls:3.1.15:::::::*
cpe:2.3:a:gnu:gnutls:3.1.4:::::::*
cpe:2.3:a:gnu:gnutls:3.1.22:::::::*
cpe:2.3:a:gnu:gnutls:3.1.8:::::::*
cpe:2.3:a:gnu:gnutls:3.1.16:::::::*
cpe:2.3:a:gnu:gnutls:3.1.1:::::::*
cpe:2.3:a:gnu:gnutls:3.1.17:::::::*
cpe:2.3:a:gnu:gnutls:3.1.12:::::::*
cpe:2.3:a:gnu:gnutls:3.1.10:::::::*
cpe:2.3:a:gnu:gnutls:3.1.7:::::::*
cpe:2.3:a:gnu:gnutls:3.1.2:::::::*
cpe:2.3:a:gnu:gnutls:3.1.14:::::::*
cpe:2.3:a:gnu:gnutls:3.1.21:::::::*
cpe:2.3:a:gnu:gnutls::::::::		3.1.24
cpe:2.3:a:gnu:gnutls:3.1.3:::::::*
cpe:2.3:a:gnu:gnutls:3.1.6:::::::*
cpe:2.3:a:gnu:gnutls:3.1.23:::::::*
cpe:2.3:a:gnu:gnutls:3.1.9:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:gnu:gnutls:3.2.14:::::::*
cpe:2.3:a:gnu:gnutls:3.2.11:::::::*
cpe:2.3:a:gnu:gnutls:3.2.3:::::::*
cpe:2.3:a:gnu:gnutls:3.2.0:::::::*
cpe:2.3:a:gnu:gnutls:3.2.1:::::::*
cpe:2.3:a:gnu:gnutls:3.2.12:::::::*
cpe:2.3:a:gnu:gnutls:3.2.8:::::::*
cpe:2.3:a:gnu:gnutls:3.2.4:::::::*
cpe:2.3:a:gnu:gnutls:3.2.12.1:::::::*
cpe:2.3:a:gnu:gnutls:3.2.9:::::::*
cpe:2.3:a:gnu:gnutls:3.2.6:::::::*
cpe:2.3:a:gnu:gnutls:3.2.10:::::::*
cpe:2.3:a:gnu:gnutls:3.2.7:::::::*
cpe:2.3:a:gnu:gnutls:3.2.2:::::::*
cpe:2.3:a:gnu:gnutls:3.2.13:::::::*
cpe:2.3:a:gnu:gnutls:3.2.5:::::::*
cpe:2.3:a:gnu:gnutls:3.2.8.1:::::::*