GnuTLS TLS Record Processing Heap Memory Corruption Vulnerability

Source: Internet
Author: User

Release date: 2012-03-21
Updated on: 2012-03-22

Affected Systems:
GNU GnuTLS 3.0.14
Unaffected Systems:
GNU GnuTLS 3.0.15
Description:
--------------------------------------------------------------------------------
Bugtraq ID: 52667
CVE ID: CVE-2012-1573

GnuTLS is an open-source implementation of SSL, TLS, and DTLS. It provides APIs for encrypting network communication and for handling X.509, PKCS #12, OpenPGP, and other security data types.

The block cipher decryption logic of GnuTLS 3.0.14 assumes that any record whose length is a multiple of the block size is valid for decryption. A crafted GenericBlockCipher structure that carries a valid IV, keeps the original handshake message length value, and has the remaining content stripped from the end can cause heap corruption.

<* Source: Matthew Hall

Link: http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/
*>
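The length checks implied by the description above, as an added example that is not GnuTLS code and not the vendor patch. It assumes AES-128-CBC with HMAC-SHA1 and an explicit IV; all function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed suite for illustration: AES-128-CBC with HMAC-SHA1, explicit IV. */
enum { BLOCK = 16, IV_LEN = 16, MAC_LEN = 20 };

/* Weak rule from the description: any non-empty multiple of the block size passes. */
int weak_record_len_ok(size_t len)
{
    return len != 0 && len % BLOCK == 0;
}

/* Smallest well-formed fragment: IV, then MAC plus the padding_length byte,
 * padded up to a whole number of blocks. */
size_t min_record_len(void)
{
    size_t body = MAC_LEN + 1;
    return IV_LEN + (body + BLOCK - 1) / BLOCK * BLOCK;
}

/* Strict rule: block-aligned AND long enough to hold IV, MAC and padding. */
int strict_record_len_ok(size_t len)
{
    return len % BLOCK == 0 && len >= min_record_len();
}

/* Handshake header is msg_type(1) + length(3, big-endian). Returns how many body
 * bytes may be read from this fragment: never more than are actually present,
 * whatever the header declares. */
size_t handshake_body_readable(const uint8_t *msg, size_t avail)
{
    if (avail < 4)
        return 0;
    size_t declared = ((size_t)msg[1] << 16) | ((size_t)msg[2] << 8) | msg[3];
    return declared < avail - 4 ? declared : avail - 4;
}

int main(void)
{
    /* Constructed input: header declaring 256 body bytes with none present. */
    const uint8_t truncated[4] = { 0x01, 0x00, 0x01, 0x00 };
    printf("16-byte record: weak=%d strict=%d (minimum %zu)\n",
           weak_record_len_ok(16), strict_record_len_ok(16), min_record_len());
    printf("readable body bytes: %zu\n",
           handshake_body_readable(truncated, sizeof truncated));
    return 0;
}
```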

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

GNU
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

http://www.gnu.org
