Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Q-325: gnutls11 Cryptographic Weakness

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Q-325: gnutls11 Cryptographic Weakness
# 1  
Old 12-24-2007
Q-325: gnutls11 Cryptographic Weakness
A flaw in GNU TLS cryptographic package that could allow an attacker to generate a forged signature that GNU TLS will accept as valid. The risk is LOW. Could allow an attacker to generate a forged signature that will be accepted as valid.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Solaris

Assigning cryptographic resources to the control domain

Sun documentation suggests that we need to assign cryptographic resources to the control domain as part of the initial configuration. I searched the documentation to better understand the purpose of this and know recommendation/limitation. I am doing this for Netra T5220 and wondering if the... (5 Replies)
Discussion started by: StarSol
5 Replies

2. UNIX for Advanced & Expert Users

Weakness in Perl CGI causes memory dump ??

I have discovered a curious phenomenon in GCI. I need some advice from someone far more adept. Is this a bug or potential security weakness? Context: Redhat 8.0 on xx86 (pentium 3) Apache 2.0, Perl 5.80 Background: I've been trying to harden a web application which accepts user uploaded... (0 Replies)
Discussion started by: andyj
0 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

gnutls_ia_enable

gnutls_ia_enable(3)						      gnutls						       gnutls_ia_enable(3)

NAME

       gnutls_ia_enable - Indicate willingness for TLS/IA application phases

SYNOPSIS

       #include <gnutls/extra.h>

       void gnutls_ia_enable(gnutls_session_t session, int allow_skip_on_resume);

ARGUMENTS

       gnutls_session_t session
		   is a gnutls_session_t structure.

       int allow_skip_on_resume
		   non-zero if local party allows to skip the TLS/IA application phases for a resumed session.

DESCRIPTION

       Specify whether we must advertise support for the TLS/IA extension during the handshake.

       At  the	client	side,  we always advertise TLS/IA if gnutls_ia_enable was called before the handshake; at the server side, we also require
       that the client has advertised that it wants to run TLS/IA before including the advertisement, as required by the protocol.

       Similarly, at the client side we always advertise that we allow TLS/IA to be  skipped  for  resumed  sessions  if  allow_skip_on_resume	is
       non-zero;  at  the server side, we also require that the session is indeed resumable and that the client has also advertised that it allows
       TLS/IA to be skipped for resumed sessions.

       After the TLS handshake, call gnutls_ia_handshake_p() to find out whether both parties agreed to do  a  TLS/IA  handshake,  before  calling
       gnutls_ia_handshake() or one of the lower level gnutls_ia_* functions.

REPORTING BUGS

       Report	bugs   to   <bug-gnutls@gnu.org>.   GnuTLS  home  page:  http://www.gnu.org/software/gnutls/  General  help  using  GNU  software:
       http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright (C) 2008 Free Software Foundation.
       Copying and distribution of this file, with or without modification, are permitted in any medium without  royalty  provided  the  copyright
       notice and this notice are preserved.

SEE ALSO

       The  full documentation for gnutls is maintained as a Texinfo manual.  If the info and gnutls programs are properly installed at your site,
       the command

	      info gnutls

       should give you access to the complete manual.

gnutls								       2.8.6						       gnutls_ia_enable(3)