Lucene search

K

PRIOn knowledge basePRION:CVE-2012-1569

HistoryMar 26, 2012 - 7:55 p.m.

Memory corruption

2012-03-2619:55:00

PRIOn knowledge base

www.prio-n.com

5

8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.927 High

EPSS

Percentile

99.0%

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.

CPENameOperatorVersion
gnutlseq2.3.5
gnutlseq1.6.0
gnutlseq2.10.2
gnutlseq3.0.12
gnutlseq2.0.0
gnutlseq1.5.0
gnutlseq1.2.8
gnutlseq2.8.3
gnutlseq1.1.14
gnutlseq2.3.4

Rows per page:

1-10 of 2211

References

archives.neohapsis.com/archives/bugtraq/2012-03/0099.html

article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932

article.gmane.org/gmane.comp.gnu.libtasn1.general/53

article.gmane.org/gmane.comp.gnu.libtasn1.general/54

blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/

linux.oracle.com/errata/ELSA-2014-0596.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html

rhn.redhat.com/errata/RHSA-2012-0427.html

rhn.redhat.com/errata/RHSA-2012-0488.html

rhn.redhat.com/errata/RHSA-2012-0531.html

secunia.com/advisories/48397

secunia.com/advisories/48488

secunia.com/advisories/48505

secunia.com/advisories/48578

secunia.com/advisories/48596

secunia.com/advisories/49002

secunia.com/advisories/50739

secunia.com/advisories/57260

www.debian.org/security/2012/dsa-2440

www.gnu.org/software/gnutls/security.html

www.mandriva.com/security/advisories?name=MDVSA-2012:039

www.openwall.com/lists/oss-security/2012/03/20/3

www.openwall.com/lists/oss-security/2012/03/20/8

www.openwall.com/lists/oss-security/2012/03/21/5

www.securitytracker.com/id?1026829

www.ubuntu.com/usn/USN-1436-1

bugzilla.redhat.com/show_bug.cgi?id=804920

lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html

lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html

8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.927 High

EPSS

Percentile

99.0%

Related for PRION:CVE-2012-1569

nessus28 openvas48 fedora10 cve1 checkpoint_advisories2 veracode1 ubuntucve1 freebsd1 redhat4 securityvulns2 debian1 centos2 amazon1 gentoo1 altlinux1 ubuntu1 oraclelinux3 slackware1 suse1 ibm1 vmware2