Showing 1 - 7 of 7

CVE-2012-2131

Status Candidate

Overview

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.

Related Files

Apple Security Advisory 2013-06-04-1: Posted Jun 6, 2013; Authored by Apple | Site apple.com; Apple Security Advisory 2013-06-04-1 - OS X Mountain Lion version 10.8.4 and Security Update 2013-002 is now available and addresses over 30 security issues.; tags | advisory; systems | apple, osx; advisories | CVE-2012-2131, CVE-2012-2333, CVE-2012-4929, CVE-2012-5519, CVE-2013-0155, CVE-2013-0276, CVE-2013-0277, CVE-2013-0333, CVE-2013-0975, CVE-2013-0982, CVE-2013-0983, CVE-2013-0984, CVE-2013-0985, CVE-2013-0986, CVE-2013-0987, CVE-2013-0988, CVE-2013-0989, CVE-2013-0990, CVE-2013-1024, CVE-2013-1854, CVE-2013-1855, CVE-2013-1856, CVE-2013-1857; SHA-256 | 29c85f7c4991f40f099be32dac2f2a9438a7fc5388a3ae3de429d2a6ba9bb431; Download | Favorite | View

RSA BSAFE SSL-C 2.8.6 BEAST / Buffer Overflow Fixes: Posted Sep 11, 2012; Site emc.com; RSA BSAFE SSL-C version 2.8.6 contains fixes designed to prevent BEAST attacks and buffer overflow vulnerabilities.; tags | advisory, overflow, vulnerability; advisories | CVE-2011-3389, CVE-2012-2131, CVE-2012-2110; SHA-256 | 07866ead31523b9bb7ab72641a09d85bba54b75eb00d3fb5390de3d35846dc0e; Download | Favorite | View

HP Security Bulletin HPSBOV02793 SSRT100891: Posted Jun 23, 2012; Authored by HP | Site hp.com; HP Security Bulletin HPSBOV02793 SSRT100891 - Potential security vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.; tags | advisory, denial of service, vulnerability; advisories | CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0050, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2131; SHA-256 | 81afd5381e1f8df30bc1eda96940a682d60e52c9185ef5115fed35b8f301ab7c; Download | Favorite | View

HP Security Bulletin HPSBUX02782 SSRT100844: Posted May 18, 2012; Authored by HP | Site hp.com; HP Security Bulletin HPSBUX02782 SSRT100844 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.; tags | advisory, denial of service; systems | hpux; advisories | CVE-2006-7250, CVE-2011-4619, CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2131; SHA-256 | 457fa208b2d89d333fc3e7b1e79dda9d71c42a5448aba577490f3ef540898b99; Download | Favorite | View

Debian Security Advisory 2454-2: Posted Apr 25, 2012; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2454-2 - Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier.; tags | advisory; systems | linux, redhat, debian; advisories | CVE-2012-2131; SHA-256 | 7e348a26b106449f52510f57388768abb0d395544cec547906f51111b437e856; Download | Favorite | View

Mandriva Linux Security Advisory 2012-064: Posted Apr 25, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-064 - It was discovered that the fix for was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue.; tags | advisory; systems | linux, mandriva; advisories | CVE-2012-2131; SHA-256 | ec7a43232cc989e79b3501b0f69ac7ec5d682e3b543f7d254621488da11de02d; Download | Favorite | View

Ubuntu Security Notice USN-1428-1: Posted Apr 25, 2012; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1428-1 - It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue. The original upstream fix for CVE-2012-2110 would cause BUF_MEM_grow_clean() to sometimes return the wrong error condition. This update fixes the problem. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2012-2131, CVE-2012-2131; SHA-256 | 2289dbca4426d93d31dbb6364a90c4dd7c450eed99d5564b22b994ee965977e4; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2012-2131

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems