[Forgot Password]
Login  Register Subscribe

24002

 
 

127027

 
 

102010

 
 

909

 
 

81374

 
 

133

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2012:0518-01 -- Redhat openssl, openssl098e and openssl097a

ID: oval:org.secpod.oval:def:500789Date: (C)2012-04-25   (M)2018-01-05
Class: PATCHFamily: unix




OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 data from BIO inputs. Specially-crafted DER encoded data read from a file or other BIO input could cause an application using the OpenSSL library to crash or, potentially, execute arbitrary code. All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve this issue. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

Platform:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product:
openssl
openssl098e
openssl097a
Reference:
RHSA-2012:0518-01
CVE-2012-2110
CVE    1
CVE-2012-2110
CPE    93
cpe:/a:openssl:openssl097a
cpe:/a:openssl:openssl
cpe:/a:openssl:openssl098e
cpe:/a:openssl:openssl:0.9.1c
...

© 2013 SecPod Technologies