[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNUTLS-SA-2008-1 question

From: Simon Josefsson
Subject: Re: GNUTLS-SA-2008-1 question
Date: Mon, 19 May 2008 23:34:41 +0200
User-agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.2 (gnu/linux)

Josh Bressers <address@hidden> writes:

> Hello,
> My name is Josh Bressers and I am a member of the Red Hat Security Response
> Team.
> I just found out about GNUTLS-SA-2008-1 and was wondering if you could
> clear something up for me.


Btw, be sure to check out the 2.2.5 announcement.

> The advisory states it's a denial of service, but from reading the
> advisory, GNUTLS-SA-2008-1-1, it sounds like it should be an exploitable
> buffer overflow, not just a denial-of-service.  Are you willing to share
> your reasoning for calling this a DoS rather than an arbitrary code
> execution flaw?

It may indeed be more than just a denial-of-service, but we don't have
resources to analyze this in more detail.  We just echo the report that
was submitted to us, and it was about segmentation faults.

> Also, would you be willing to share the reproducer for this flaw?  We are
> interested in it for QA purposes.

I'll attach my internal notes for reproducing the flaws to you in a
private email.

> I'm also wondering if you'd be willing to give the Vendor Security group a
> heads up on issues such as this in the future.  You can find more details
> about the group here:

The vulnerability was submitted to us via CERT-FI, so I incorrectly
assumed they had communicated this to vendors.  I'll see if I can
subscribe to the list to be able to give an heads-up in the future.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]