[Forgot Password]
Login  Register Subscribe

24003

 
 

131401

 
 

103942

 
 

909

 
 

84044

 
 

133

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2475-1 openssl -- integer underflow

ID: oval:org.secpod.oval:def:600812Date: (C)2012-05-22   (M)2018-01-05
Class: PATCHFamily: unix




It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service

Platform:
Debian 6.0
Product:
openssl
Reference:
DSA-2475-1
CVE-2012-2333
CVE    1
CVE-2012-2333
CPE    98
cpe:/a:openssl:openssl:0.9.7j
cpe:/a:openssl:openssl:0.9.7k
cpe:/a:openssl:openssl:0.9.7l
cpe:/a:openssl:openssl:0.9.7m
...

© 2013 SecPod Technologies