CVE-2015-8313

Published: Dic 20, 2019 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2015-8199 Aliases: GSD-2015-8313
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,9
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
MEDIUM 4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: partial
Integrity: none
Availability: none

Description

AI Translation Available

GnuTLS incorrectly validates the first byte of padding in CBC modes

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0106
Percentile
0,8th
Updated

EPSS Score Trend (Last 90 Days)

203

Observable Discrepancy

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Access Control
Potential Impacts:
Read Application Data Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
View CWE Details
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Gnutls by Gnu

Product Information
Vendor Gnu
Product Gnutls
Version Range Affected
From 2.0.0 (inclusive)
To 2.12.24 (inclusive)
cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in…
Third Party Advisory
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions…
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313
Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313
Issue Tracking Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313
https://security-tracker.debian.org/tracker/CVE-2015-8313
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2015-8313
http://www.debian.org/security/2015/dsa-3408
Third Party Advisory
http://www.debian.org/security/2015/dsa-3408
http://www.securityfocus.com/archive/1/537012/100/0/threaded
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/537012/100/0/threaded
http://www.securityfocus.com/bid/78327
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/78327
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in…
Third Party Advisory
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions…
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313
Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313
Issue Tracking Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313
https://security-tracker.debian.org/tracker/CVE-2015-8313
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2015-8313
http://www.debian.org/security/2015/dsa-3408
Third Party Advisory
http://www.debian.org/security/2015/dsa-3408
http://www.securityfocus.com/archive/1/537012/100/0/threaded
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/537012/100/0/threaded
http://www.securityfocus.com/bid/78327
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/78327