Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2012-0027
HistoryJan 06, 2012 - 1:55 a.m.

CVE-2012-0027

2012-01-0601:55:01
Debian Security Bug Tracker
security-tracker.debian.org
9

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.052

Percentile

93.0%

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.052

Percentile

93.0%