High Severity GnuTLS bug

On May 23rd, Nikos Mavrogiannopoulo (one of the primary authors of the GnuTLS library) submitted a commit identifying the potential for “memory corruption” during the TLS/SSL handshake process. This specific bug makes it possible to initiate a server-based attack on a client system by corrupting its memory using a specially crafted ServerHello message.
[Read more…]