Skip to main content

Linux Bug Exposes Open Source to "Goto Fail"


A communications library implementing a series of protocols, the GnuTLS has revealed that a bug has leaked on open source system which allows to bypass Linux distributions.

According to gnutls.org, programmers using any versions of GnuTLS will be vulnerable on the attack. In order to mitigate the attack, the programming system must be upgraded to version 3.2.12.

"An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker." Red Hat Customer Portal stated on its security advisory.

The bug or commonly known as "goto fail" was recently introduced as a common error. However, it was been proven that it can greatly affect the programs of Linux servers and other operating system despite of the presence of security measures.

Linux, which is being widely used in various programs and software has rely in GnuTLS.

Aside from Linux, Debian and Ubuntu also rely on GnuTLS. Arstechnica stated that more than 200 OS (operating system) depends on the certification standards of GnuTLS.

GnuTLS also verifies the command set by Super Sockets Layer (SSL) and Transport Layer Security (TLS).

The attack may be launched in the height of simple and minimal errors particularly with Linux and GnuTLS dependents.

Photo Credit: linuxuser.co.uk

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.