Red Hat Bugzilla – Bug 180857
SA18794 GnuTLS libtasn1 DER Decoding Denial of Service Vulnerabilities
Last modified: 2007-11-30 17:11:23 EST
"Evgeny Legerov has reported some vulnerabilities in GnuTLS libtasn1, which
potentially can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerabilities are caused due to errors within the DER decoder in libtasn1.
This can be exploited to crash an application that uses the library via
The vulnerabilities have been reported in libtasn1 prior to 0.2.18 and in GnuTLS
prior to 1.2.10."
Fixed in both FC-4 updates and FC-5-devel packages.