[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80170

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2475-1 openssl -- integer underflow

ID: oval:org.secpod.oval:def:600812Date: (C)2012-05-22   (M)2018-01-05
Class: PATCHFamily: unix




It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service

Platform:
Debian 6.0
Product:
openssl
Reference:
DSA-2475-1
CVE-2012-2333
CVE    1
CVE-2012-2333
CPE    98
cpe:/o:debian:debian_linux:6.0
cpe:/a:openssl:openssl:1.0.0h
cpe:/a:openssl:openssl:1.0.1:beta1
cpe:/a:openssl:openssl:1.0.1:beta3
...

© 2013 SecPod Technologies