exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-1732-1

Posted Feb 21, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1732-1 - Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. Stephen Henson discovered that OpenSSL incorrectly performed signature verification for OCSP responses. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2012-2686, CVE-2013-0166, CVE-2013-0169, CVE-2012-2686, CVE-2013-0166, CVE-2013-0169

SHA-256 | 3840d7b0427c8c47a692ec2a92d448203e10c63f63d934450bf70540d9f0574d

Download | Favorite | View

Related Files

No related files