CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
95.8%
Debian Security Advisory DSA-2392-1 [email protected]
http://www.debian.org/security/ Florian Weimer
January 23, 2012 http://www.debian.org/security/faq
Package : openssl
Vulnerability : out-of-bounds read
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0050
Antonio Martin discovered a denial-of-service vulnerability in
OpenSSL, an implementation of TLS and related protocols. A malicious
client can cause the DTLS server implementation to crash. Regular,
TCP-based TLS is not affected by this issue.
For the oldstable distribution (lenny), this problem has been fixed in
version 0.9.8g-15+lenny16.
For the stable distribution (squeeze), this problem has been fixed in
version 0.9.8o-4squeeze7.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 1.0.0g-1.
We recommend that you upgrade your openssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | armel | libssl-dev | <Â 0.9.8o-4squeeze7 | libssl-dev_0.9.8o-4squeeze7_armel.deb |
Debian | 5 | amd64 | openssl | <Â 0.9.8g-15+lenny16 | openssl_0.9.8g-15+lenny16_amd64.deb |
Debian | 6 | s390 | libssl0.9.8 | <Â 0.9.8o-4squeeze7 | libssl0.9.8_0.9.8o-4squeeze7_s390.deb |
Debian | 5 | mips | libssl-dev | <Â 0.9.8g-15+lenny16 | libssl-dev_0.9.8g-15+lenny16_mips.deb |
Debian | 5 | alpha | openssl | <Â 0.9.8g-15+lenny16 | openssl_0.9.8g-15+lenny16_alpha.deb |
Debian | 6 | mipsel | libssl-dev | <Â 0.9.8o-4squeeze7 | libssl-dev_0.9.8o-4squeeze7_mipsel.deb |
Debian | 6 | s390 | libssl-dev | <Â 0.9.8o-4squeeze7 | libssl-dev_0.9.8o-4squeeze7_s390.deb |
Debian | 5 | armel | libssl0.9.8 | <Â 0.9.8g-15+lenny16 | libssl0.9.8_0.9.8g-15+lenny16_armel.deb |
Debian | 6 | armel | libssl0.9.8-dbg | <Â 0.9.8o-4squeeze7 | libssl0.9.8-dbg_0.9.8o-4squeeze7_armel.deb |
Debian | 5 | alpha | libcrypto0.9.8-udeb | <Â 0.9.8g-15+lenny16 | libcrypto0.9.8-udeb_0.9.8g-15+lenny16_alpha.deb |