Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-11-19T19:00:00Z

Updated: 2024-09-16T21:09:04.901Z

Reserved: 2013-06-12T00:00:00Z

Link: CVE-2013-4487

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-11-20T14:12:30.447

Modified: 2024-11-21T01:55:40.070

Link: CVE-2013-4487

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-10-29T00:00:00Z

Links: CVE-2013-4487 - Bugzilla