CVE-2008-2377 - Vulnerability Details - OpenCVE

Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Gnutls

Configuration 1 [-]

OR	cpe:2.3:a:gnu:gnutls:2.3.5:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.6:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.7:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.8:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.9:::::::*
	cpe:2.3:a:gnu:gnutls:2.4.0:::::::*

No data.

References

Link	Providers
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947
http://secunia.com/advisories/31505
http://www.gnu.org/software/gnutls/security.html
http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html
http://www.securityfocus.com/bid/30713
http://www.vupen.com/english/advisories/2008/2398
https://exchange.xforce.ibmcloud.com/vulnerabilities/44486
https://issues.rpath.com/browse/RPL-2650

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2008-08-08T19:00:00

Updated: 2024-08-07T08:58:02.218Z

Reserved: 2008-05-21T00:00:00

Link: CVE-2008-2377

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-08-08T19:41:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2377

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-30T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[gnutls-devel] 20080630 GnuTLS 2.4.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2650"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.gnu.org/software/gnutls/security.html"}, {"name": "[gnutls-devel] 20080630 Details on the gnutls_handshake local crash problem [GNUTLS-SA-2008-2]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"name": "ADV-2008-2398", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"name": "30713", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30713"}, {"name": "gnutls-gnutlshandshake-code-execution(44486)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"name": "31505", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31505"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.218Z"}, "title": "CVE Program Container", "references": [{"name": "[gnutls-devel] 20080630 GnuTLS 2.4.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2650"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.gnu.org/software/gnutls/security.html"}, {"name": "[gnutls-devel] 20080630 Details on the gnutls_handshake local crash problem [GNUTLS-SA-2008-2]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"name": "ADV-2008-2398", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"name": "30713", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30713"}, {"name": "gnutls-gnutlshandshake-code-execution(44486)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"name": "31505", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31505"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-2377", "datePublished": "2008-08-08T19:00:00", "dateReserved": "2008-05-21T00:00:00", "dateUpdated": "2024-08-07T08:58:02.218Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "C51E0C88-B19C-408D-AC17-10CE7462D48A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "7A7FBFAA-263C-4B7B-A135-9824DFD8CCDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "2AC41482-B3BC-4C93-A850-73A179BAB763", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "ADC80BE1-28A6-4348-A061-8FD9C805E945", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "9D8EF703-AE06-4DD7-9235-2D8CCDB24F96", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB33002-E5C6-4573-BC94-647DDE4E6F89", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n _gnutls_handshake_hash_buffers_clear de lib/gnutls_handshake.c en libgnutls de GnuTLS 2.3.5 hasta 2.4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (caida) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de transmisiones TLS de datos que no son usadas apropiadamente cuando las llamadas pares gnutls_handshake dentro de una sesi\u00f3n normal, conducen a intentos de acceso a manejadores libgcrypt no asignados."}], "id": "CVE-2008-2377", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-08-08T19:41:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/31505"}, {"source": "secalert@redhat.com", "url": "http://www.gnu.org/software/gnutls/security.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/30713"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31505"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gnu.org/software/gnutls/security.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/30713"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2650"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of gnutls as shipped with Red Hat Enterprise Linux 4, or 5.", "lastModified": "2008-08-11T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}