5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.145 Low
EPSS
Percentile
95.7%
Debian Security Advisory DSA-2392-1 [email protected]
http://www.debian.org/security/ Florian Weimer
January 23, 2012 http://www.debian.org/security/faq
Package : openssl
Vulnerability : out-of-bounds read
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-0050
Antonio Martin discovered a denial-of-service vulnerability in
OpenSSL, an implementation of TLS and related protocols. A malicious
client can cause the DTLS server implementation to crash. Regular,
TCP-based TLS is not affected by this issue.
For the oldstable distribution (lenny), this problem has been fixed in
version 0.9.8g-15+lenny16.
For the stable distribution (squeeze), this problem has been fixed in
version 0.9.8o-4squeeze7.
For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 1.0.0g-1.
We recommend that you upgrade your openssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 5 | arm | openssl | < 0.9.8g-15+lenny16 | openssl_0.9.8g-15+lenny16_arm.deb |
Debian | 6 | i386 | libssl-dev | < 0.9.8o-4squeeze7 | libssl-dev_0.9.8o-4squeeze7_i386.deb |
Debian | 6 | kfreebsd-amd64 | libcrypto0.9.8-udeb | < 0.9.8o-4squeeze7 | libcrypto0.9.8-udeb_0.9.8o-4squeeze7_kfreebsd-amd64.deb |
Debian | 5 | sparc | libssl0.9.8 | < 0.9.8g-15+lenny16 | libssl0.9.8_0.9.8g-15+lenny16_sparc.deb |
Debian | 5 | armel | openssl | < 0.9.8g-15+lenny16 | openssl_0.9.8g-15+lenny16_armel.deb |
Debian | 5 | mips | libssl-dev | < 0.9.8g-15+lenny16 | libssl-dev_0.9.8g-15+lenny16_mips.deb |
Debian | 5 | arm | libcrypto0.9.8-udeb | < 0.9.8g-15+lenny16 | libcrypto0.9.8-udeb_0.9.8g-15+lenny16_arm.deb |
Debian | 6 | mips | libcrypto0.9.8-udeb | < 0.9.8o-4squeeze7 | libcrypto0.9.8-udeb_0.9.8o-4squeeze7_mips.deb |
Debian | 6 | powerpc | openssl | < 0.9.8o-4squeeze7 | openssl_0.9.8o-4squeeze7_powerpc.deb |
Debian | 6 | powerpc | libssl0.9.8-dbg | < 0.9.8o-4squeeze7 | libssl0.9.8-dbg_0.9.8o-4squeeze7_powerpc.deb |