GnuTLS Prior to 2.6.6 Multiple Remote Vulnerabilities
GnuTLS is prone to multiple remote vulnerabilities:
- A remote code-execution vulnerability
- A denial-of-service vulnerability
- A signature-generation vulnerability
- A signature-verification vulnerability
An attacker can exploit these issues to potentially execute arbitrary code, trigger denial-of-service conditions, carry out attacks against data signed with weak signatures, and cause clients to accept expired or invalid certificates from servers.
Versions prior to GnuTLS 2.6.6 are vulnerable.