[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2475-1 openssl -- integer underflow

ID: oval:org.secpod.oval:def:600812Date: (C)2012-05-22   (M)2018-01-05
Class: PATCHFamily: unix




It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service

Platform:
Debian 6.0
Product:
openssl
Reference:
DSA-2475-1
CVE-2012-2333
CVE    1
CVE-2012-2333
CPE    98
cpe:/a:openssl:openssl:0.9.5a
cpe:/a:openssl:openssl:0.9.6e
cpe:/a:openssl:openssl:0.9.6f
cpe:/a:openssl:openssl:0.9.6g
...

© SecPod Technologies