exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2012-2131

Status Candidate

Overview

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.

Related Files

Apple Security Advisory 2013-06-04-1
Posted Jun 6, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-06-04-1 - OS X Mountain Lion version 10.8.4 and Security Update 2013-002 is now available and addresses over 30 security issues.

tags | advisory
systems | apple, osx
advisories | CVE-2012-2131, CVE-2012-2333, CVE-2012-4929, CVE-2012-5519, CVE-2013-0155, CVE-2013-0276, CVE-2013-0277, CVE-2013-0333, CVE-2013-0975, CVE-2013-0982, CVE-2013-0983, CVE-2013-0984, CVE-2013-0985, CVE-2013-0986, CVE-2013-0987, CVE-2013-0988, CVE-2013-0989, CVE-2013-0990, CVE-2013-1024, CVE-2013-1854, CVE-2013-1855, CVE-2013-1856, CVE-2013-1857
SHA-256 | 29c85f7c4991f40f099be32dac2f2a9438a7fc5388a3ae3de429d2a6ba9bb431
RSA BSAFE SSL-C 2.8.6 BEAST / Buffer Overflow Fixes
Posted Sep 11, 2012
Site emc.com

RSA BSAFE SSL-C version 2.8.6 contains fixes designed to prevent BEAST attacks and buffer overflow vulnerabilities.

tags | advisory, overflow, vulnerability
advisories | CVE-2011-3389, CVE-2012-2131, CVE-2012-2110
SHA-256 | 07866ead31523b9bb7ab72641a09d85bba54b75eb00d3fb5390de3d35846dc0e
HP Security Bulletin HPSBOV02793 SSRT100891
Posted Jun 23, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02793 SSRT100891 - Potential security vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0050, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2131
SHA-256 | 81afd5381e1f8df30bc1eda96940a682d60e52c9185ef5115fed35b8f301ab7c
HP Security Bulletin HPSBUX02782 SSRT100844
Posted May 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02782 SSRT100844 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2006-7250, CVE-2011-4619, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2131
SHA-256 | 457fa208b2d89d333fc3e7b1e79dda9d71c42a5448aba577490f3ef540898b99
Debian Security Advisory 2454-2
Posted Apr 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2454-2 - Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier.

tags | advisory
systems | linux, redhat, debian
advisories | CVE-2012-2131
SHA-256 | 7e348a26b106449f52510f57388768abb0d395544cec547906f51111b437e856
Mandriva Linux Security Advisory 2012-064
Posted Apr 25, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-064 - It was discovered that the fix for was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-2131
SHA-256 | ec7a43232cc989e79b3501b0f69ac7ec5d682e3b543f7d254621488da11de02d
Ubuntu Security Notice USN-1428-1
Posted Apr 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1428-1 - It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue. The original upstream fix for CVE-2012-2110 would cause BUF_MEM_grow_clean() to sometimes return the wrong error condition. This update fixes the problem. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2131, CVE-2012-2131
SHA-256 | 2289dbca4426d93d31dbb6364a90c4dd7c450eed99d5564b22b994ee965977e4
Page 1 of 1
Back1Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close