Unknown
CVE-2011-4128
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- gnutls 2.12.0,
- gnutls 2.12.1,
- gnutls 2.12.10,
- gnutls 2.12.11,
- gnutls 2.12.12,
- gnutls 2.12.13,
- gnutls 2.12.2,
- gnutls 2.12.3,
- gnutls 2.12.4,
- gnutls 2.12.5,
- gnutls 2.12.6,
- gnutls 2.12.6.1,
- gnutls 2.12.7,
- gnutls 2.12.8,
- gnutls 2.12.9,
- gnutls 3.0.0,
- gnutls 3.0.1,
- gnutls 3.0.2,
- gnutls 3.0.3,
- gnutls 3.0.4,
- gnutls 3.0.5,
- gnutls 3.0.6
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
