Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2012-1569
Description:The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.
Test IDs: 1.3.6.1.4.1.25623.1.0.71293   1.3.6.1.4.1.25623.1.0.71243   1.3.6.1.4.1.25623.1.0.71205   1.3.6.1.4.1.25623.1.0.71669   1.3.6.1.4.1.25623.1.0.72025   1.3.6.1.4.1.25623.1.0.72226   1.3.6.1.4.1.25623.1.0.72429   1.3.6.1.4.1.25623.1.0.123407   1.3.6.1.4.1.25623.1.0.123947   1.3.6.1.4.1.25623.1.0.123946   1.3.6.1.4.1.25623.1.0.881171   1.3.6.1.4.1.25623.1.0.831596   1.3.6.1.4.1.25623.1.0.864437   1.3.6.1.4.1.25623.1.0.864122   1.3.6.1.4.1.25623.1.0.864362   1.3.6.1.4.1.25623.1.0.864155   1.3.6.1.4.1.25623.1.0.840994   1.3.6.1.4.1.25623.1.0.864129   1.3.6.1.4.1.25623.1.0.864343   1.3.6.1.4.1.25623.1.0.864139   1.3.6.1.4.1.25623.1.0.870725   1.3.6.1.4.1.25623.1.0.864373   1.3.6.1.4.1.25623.1.0.864156   1.3.6.1.4.1.25623.1.0.864142   1.3.6.1.4.1.25623.1.0.120586   1.3.6.1.4.1.25623.1.1.4.2014.0320.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-1569
Bugtraq: 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html
Debian Security Information: DSA-2440 (Google Search)
http://www.debian.org/security/2012/dsa-2440
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:039
http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932
http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53
http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54
http://www.openwall.com/lists/oss-security/2012/03/20/3
http://www.openwall.com/lists/oss-security/2012/03/20/8
http://www.openwall.com/lists/oss-security/2012/03/21/5
RedHat Security Advisories: RHSA-2012:0427
http://rhn.redhat.com/errata/RHSA-2012-0427.html
RedHat Security Advisories: RHSA-2012:0488
http://rhn.redhat.com/errata/RHSA-2012-0488.html
RedHat Security Advisories: RHSA-2012:0531
http://rhn.redhat.com/errata/RHSA-2012-0531.html
http://www.securitytracker.com/id?1026829
http://secunia.com/advisories/48397
http://secunia.com/advisories/48488
http://secunia.com/advisories/48505
http://secunia.com/advisories/48578
http://secunia.com/advisories/48596
http://secunia.com/advisories/49002
http://secunia.com/advisories/50739
http://secunia.com/advisories/57260
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
http://www.ubuntu.com/usn/USN-1436-1




© 1998-2024 E-Soft Inc. All rights reserved.