CVE-2004-2531

Published: 10/25/2005 Last updated: 8/8/2024 Reserved: 10/25/2005

X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (5)

conf-gnutls conf-mingw-w64-gnutls-i686 conf-mingw-w64-gnutls-x86_64 conf-srt conf-srt-gnutls

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon 730 Mobile Platform (SM7150-AA)

References (14)

http://securitytracker.com/id?1010838
http://www.osvdb.org/8278
http://www.hornik.sk/SA/SA-20040802.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16858
http://www.securityfocus.com/bid/10839
http://lists.gnupg.org/pipermail/gnutls-dev/2004-August/000703.html
http://secunia.com/advisories/12156
http://securitytracker.com/id?1010838
http://www.osvdb.org/8278
http://www.hornik.sk/SA/SA-20040802.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/16858
http://www.securityfocus.com/bid/10839
http://lists.gnupg.org/pipermail/gnutls-dev/2004-August/000703.html
http://secunia.com/advisories/12156