ID CVE-2012-2333
Summary Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
References
Vulnerable Configurations
  • OpenSSL Project OpenSSL 0.9.1c
    cpe:2.3:a:openssl:openssl:0.9.1c
  • OpenSSL Project OpenSSL 0.9.2b
    cpe:2.3:a:openssl:openssl:0.9.2b
  • OpenSSL Project OpenSSL 0.9.3
    cpe:2.3:a:openssl:openssl:0.9.3
  • OpenSSL Project OpenSSL 0.9.3a
    cpe:2.3:a:openssl:openssl:0.9.3a
  • OpenSSL Project OpenSSL 0.9.4
    cpe:2.3:a:openssl:openssl:0.9.4
  • OpenSSL Project OpenSSL 0.9.5
    cpe:2.3:a:openssl:openssl:0.9.5
  • OpenSSL Project OpenSSL 0.9.5 Beta1
    cpe:2.3:a:openssl:openssl:0.9.5:beta1
  • OpenSSL Project OpenSSL 0.9.5 Beta2
    cpe:2.3:a:openssl:openssl:0.9.5:beta2
  • OpenSSL Project OpenSSL 0.9.5a
    cpe:2.3:a:openssl:openssl:0.9.5a
  • OpenSSL Project OpenSSL 0.9.5a Beta1
    cpe:2.3:a:openssl:openssl:0.9.5a:beta1
  • OpenSSL Project OpenSSL 0.9.5a Beta2
    cpe:2.3:a:openssl:openssl:0.9.5a:beta2
  • OpenSSL Project OpenSSL 0.9.6
    cpe:2.3:a:openssl:openssl:0.9.6
  • OpenSSL Project OpenSSL 0.9.6 Beta1
    cpe:2.3:a:openssl:openssl:0.9.6:beta1
  • OpenSSL Project OpenSSL 0.9.6 Beta2
    cpe:2.3:a:openssl:openssl:0.9.6:beta2
  • OpenSSL Project OpenSSL 0.9.6 Beta3
    cpe:2.3:a:openssl:openssl:0.9.6:beta3
  • OpenSSL Project OpenSSL 0.9.6a
    cpe:2.3:a:openssl:openssl:0.9.6a
  • OpenSSL Project OpenSSL 0.9.6a Beta1
    cpe:2.3:a:openssl:openssl:0.9.6a:beta1
  • OpenSSL Project OpenSSL 0.9.6a Beta2
    cpe:2.3:a:openssl:openssl:0.9.6a:beta2
  • OpenSSL Project OpenSSL 0.9.6a Beta3
    cpe:2.3:a:openssl:openssl:0.9.6a:beta3
  • OpenSSL Project OpenSSL 0.9.6b
    cpe:2.3:a:openssl:openssl:0.9.6b
  • OpenSSL Project OpenSSL 0.9.6c
    cpe:2.3:a:openssl:openssl:0.9.6c
  • OpenSSL Project OpenSSL 0.9.6d
    cpe:2.3:a:openssl:openssl:0.9.6d
  • OpenSSL Project OpenSSL 0.9.6e
    cpe:2.3:a:openssl:openssl:0.9.6e
  • OpenSSL Project OpenSSL 0.9.6f
    cpe:2.3:a:openssl:openssl:0.9.6f
  • OpenSSL Project OpenSSL 0.9.6g
    cpe:2.3:a:openssl:openssl:0.9.6g
  • OpenSSL Project OpenSSL 0.9.6h
    cpe:2.3:a:openssl:openssl:0.9.6h
  • OpenSSL Project OpenSSL 0.9.6i
    cpe:2.3:a:openssl:openssl:0.9.6i
  • OpenSSL Project OpenSSL 0.9.6j
    cpe:2.3:a:openssl:openssl:0.9.6j
  • OpenSSL Project OpenSSL 0.9.6k
    cpe:2.3:a:openssl:openssl:0.9.6k
  • OpenSSL Project OpenSSL 0.9.6l
    cpe:2.3:a:openssl:openssl:0.9.6l
  • OpenSSL Project OpenSSL 0.9.6m
    cpe:2.3:a:openssl:openssl:0.9.6m
  • OpenSSL Project OpenSSL 0.9.7
    cpe:2.3:a:openssl:openssl:0.9.7
  • OpenSSL Project OpenSSL 0.9.7 beta1
    cpe:2.3:a:openssl:openssl:0.9.7:beta1
  • OpenSSL Project OpenSSL 0.9.7 beta2
    cpe:2.3:a:openssl:openssl:0.9.7:beta2
  • OpenSSL Project OpenSSL 0.9.7 beta3
    cpe:2.3:a:openssl:openssl:0.9.7:beta3
  • OpenSSL Project OpenSSL 0.9.7 Beta4
    cpe:2.3:a:openssl:openssl:0.9.7:beta4
  • OpenSSL Project OpenSSL 0.9.7 Beta5
    cpe:2.3:a:openssl:openssl:0.9.7:beta5
  • OpenSSL Project OpenSSL 0.9.7 Beta6
    cpe:2.3:a:openssl:openssl:0.9.7:beta6
  • OpenSSL Project OpenSSL 0.9.7a
    cpe:2.3:a:openssl:openssl:0.9.7a
  • OpenSSL Project OpenSSL 0.9.7b
    cpe:2.3:a:openssl:openssl:0.9.7b
  • OpenSSL Project OpenSSL 0.9.7c
    cpe:2.3:a:openssl:openssl:0.9.7c
  • OpenSSL Project OpenSSL 0.9.7d
    cpe:2.3:a:openssl:openssl:0.9.7d
  • OpenSSL Project OpenSSL 0.9.7e
    cpe:2.3:a:openssl:openssl:0.9.7e
  • OpenSSL Project OpenSSL 0.9.7f
    cpe:2.3:a:openssl:openssl:0.9.7f
  • OpenSSL Project OpenSSL 0.9.7g
    cpe:2.3:a:openssl:openssl:0.9.7g
  • OpenSSL Project OpenSSL 0.9.7h
    cpe:2.3:a:openssl:openssl:0.9.7h
  • OpenSSL Project OpenSSL 0.9.7i
    cpe:2.3:a:openssl:openssl:0.9.7i
  • OpenSSL Project OpenSSL 0.9.7j
    cpe:2.3:a:openssl:openssl:0.9.7j
  • OpenSSL Project OpenSSL 0.9.7k
    cpe:2.3:a:openssl:openssl:0.9.7k
  • OpenSSL Project OpenSSL 0.9.7l
    cpe:2.3:a:openssl:openssl:0.9.7l
  • OpenSSL Project OpenSSL 0.9.7m
    cpe:2.3:a:openssl:openssl:0.9.7m
  • OpenSSL Project OpenSSL 0.9.8
    cpe:2.3:a:openssl:openssl:0.9.8
  • OpenSSL Project OpenSSL 0.9.8a
    cpe:2.3:a:openssl:openssl:0.9.8a
  • OpenSSL Project OpenSSL 0.9.8b
    cpe:2.3:a:openssl:openssl:0.9.8b
  • OpenSSL Project OpenSSL 0.9.8c
    cpe:2.3:a:openssl:openssl:0.9.8c
  • OpenSSL Project OpenSSL 0.9.8d
    cpe:2.3:a:openssl:openssl:0.9.8d
  • OpenSSL Project OpenSSL 0.9.8e
    cpe:2.3:a:openssl:openssl:0.9.8e
  • OpenSSL Project OpenSSL 0.9.8f
    cpe:2.3:a:openssl:openssl:0.9.8f
  • OpenSSL Project OpenSSL 0.9.8g
    cpe:2.3:a:openssl:openssl:0.9.8g
  • OpenSSL Project OpenSSL 0.9.8h
    cpe:2.3:a:openssl:openssl:0.9.8h
  • OpenSSL Project OpenSSL 0.9.8i
    cpe:2.3:a:openssl:openssl:0.9.8i
  • OpenSSL Project OpenSSL 0.9.8j
    cpe:2.3:a:openssl:openssl:0.9.8j
  • OpenSSL Project OpenSSL 0.9.8k
    cpe:2.3:a:openssl:openssl:0.9.8k
  • OpenSSL Project OpenSSL 0.9.8l
    cpe:2.3:a:openssl:openssl:0.9.8l
  • OpenSSL Project OpenSSL 0.9.8m
    cpe:2.3:a:openssl:openssl:0.9.8m
  • OpenSSL Project OpenSSL 0.9.8m Beta1
    cpe:2.3:a:openssl:openssl:0.9.8m:beta1
  • OpenSSL Project OpenSSL 0.9.8n
    cpe:2.3:a:openssl:openssl:0.9.8n
  • OpenSSL Project OpenSSL 0.9.8o
    cpe:2.3:a:openssl:openssl:0.9.8o
  • OpenSSL Project OpenSSL 0.9.8p
    cpe:2.3:a:openssl:openssl:0.9.8p
  • OpenSSL Project OpenSSL 0.9.8q
    cpe:2.3:a:openssl:openssl:0.9.8q
  • OpenSSL Project OpenSSL 0.9.8r
    cpe:2.3:a:openssl:openssl:0.9.8r
  • OpenSSL Project OpenSSL 0.9.8s
    cpe:2.3:a:openssl:openssl:0.9.8s
  • OpenSSL Project OpenSSL 0.9.8t
    cpe:2.3:a:openssl:openssl:0.9.8t
  • OpenSSL Project OpenSSL 0.9.8u
    cpe:2.3:a:openssl:openssl:0.9.8u
  • OpenSSL Project OpenSSL 0.9.8v
    cpe:2.3:a:openssl:openssl:0.9.8v
  • OpenSSL Project OpenSSL 0.9.8w
    cpe:2.3:a:openssl:openssl:0.9.8w
  • Red Hat openssl 0.9.6.15
    cpe:2.3:a:redhat:openssl:0.9.6-15
  • Red Hat openssl 0.9.6b3
    cpe:2.3:a:redhat:openssl:0.9.6b-3
  • Red Hat openssl 0.9.7a2
    cpe:2.3:a:redhat:openssl:0.9.7a-2
  • OpenSSL Project OpenSSL 1.0.0
    cpe:2.3:a:openssl:openssl:1.0.0
  • OpenSSL Project OpenSSL 1.0.0 Beta1
    cpe:2.3:a:openssl:openssl:1.0.0:beta1
  • OpenSSL Project OpenSSL 1.0.0 Beta2
    cpe:2.3:a:openssl:openssl:1.0.0:beta2
  • OpenSSL Project OpenSSL 1.0.0 Beta3
    cpe:2.3:a:openssl:openssl:1.0.0:beta3
  • OpenSSL Project OpenSSL 1.0.0 Beta4
    cpe:2.3:a:openssl:openssl:1.0.0:beta4
  • OpenSSL Project OpenSSL 1.0.0 Beta5
    cpe:2.3:a:openssl:openssl:1.0.0:beta5
  • OpenSSL Project OpenSSL 1.0.0a
    cpe:2.3:a:openssl:openssl:1.0.0a
  • OpenSSL Project OpenSSL 1.0.0b
    cpe:2.3:a:openssl:openssl:1.0.0b
  • OpenSSL Project OpenSSL 1.0.0c
    cpe:2.3:a:openssl:openssl:1.0.0c
  • OpenSSL Project OpenSSL 1.0.0d
    cpe:2.3:a:openssl:openssl:1.0.0d
  • OpenSSL Project OpenSSL 1.0.0e
    cpe:2.3:a:openssl:openssl:1.0.0e
  • OpenSSL Project OpenSSL 1.0.0f
    cpe:2.3:a:openssl:openssl:1.0.0f
  • OpenSSL Project OpenSSL 1.0.0g
    cpe:2.3:a:openssl:openssl:1.0.0g
  • OpenSSL Project OpenSSL 1.0.0h
    cpe:2.3:a:openssl:openssl:1.0.0h
  • OpenSSL Project OpenSSL 1.0.1
    cpe:2.3:a:openssl:openssl:1.0.1
  • OpenSSL Project OpenSSL 1.0.1 Beta1
    cpe:2.3:a:openssl:openssl:1.0.1:beta1
  • OpenSSL Project OpenSSL 1.0.1 Beta2
    cpe:2.3:a:openssl:openssl:1.0.1:beta2
  • OpenSSL Project OpenSSL 1.0.1 Beta3
    cpe:2.3:a:openssl:openssl:1.0.1:beta3
  • OpenSSL Project OpenSSL 1.0.1a
    cpe:2.3:a:openssl:openssl:1.0.1a
  • OpenSSL Project OpenSSL 1.0.1b
    cpe:2.3:a:openssl:openssl:1.0.1b
CVSS
Base: 6.8 (as of 15-05-2012 - 10:42)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2012-308.NASL
    description Specially crafted DER files could trigger a memory corruption in openssl
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 74641
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74641
    title openSUSE Security Update : openssl (openSUSE-2012-308)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_4.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.4. The newer version contains multiple security-related fixes for the following components : - CFNetwork - CoreAnimation - CoreMedia Playback - CUPS - Disk Management - OpenSSL - QuickDraw Manager - QuickTime - SMB
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 66808
    published 2013-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66808
    title Mac OS X 10.8.x < 10.8.4 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-0699.NASL
    description Updated openssl packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Codenomicon as the original reporter. On Red Hat Enterprise Linux 6, this update also fixes an uninitialized variable use bug, introduced by the fix for CVE-2012-0884 (released via RHSA-2012:0426). This bug could possibly cause an attempt to create an encrypted message in the CMS (Cryptographic Message Syntax) format to fail. All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 59307
    published 2012-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59307
    title RHEL 5 / 6 : openssl (RHSA-2012:0699)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0007.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv everywhere instead of getenv (#839735) - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185) - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) - add known answer test for SHA2 algorithms (#740866) - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410) - fix incorrect return value in parse_yesno (#726593) - added DigiCert CA certificates to ca-bundle (#735819) - added a new section about error states to README.FIPS (#628976) - add missing DH_check_pub_key call when DH key is computed (#698175) - presort list of ciphers available in SSL (#688901) - accept connection in s_server even if getaddrinfo fails (#561260) - point to openssl dgst for list of supported digests (#608639) - fix handling of future TLS versions (#599112) - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856) - upstream fixes for the CHIL engine (#622003, #671484) - add SHA-2 hashes in SSL_library_init (#676384) - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462) - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774) - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125) - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79531
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79531
    title OracleVM 2.2 : openssl (OVMSA-2014-0007)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENSSL-8143.NASL
    description This update of openssl fixes the following denial of service vulnerabilities : - Denial of Service via CBC mode handling. (CVE-2012-2333) - A deadlock condition introduced by the previous memory leak fix due to entering a lock twice. This would only happen in multithreaded programs. In addition, openssl's cms subcommand (Crypthographic Message Syntax) has been enabled.
    last seen 2019-02-21
    modified 2012-05-31
    plugin id 59316
    published 2012-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59316
    title SuSE 10 Security Update : openssl (ZYPP Patch Number 8143)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2012-0699.NASL
    description From Red Hat Security Advisory 2012:0699 : Updated openssl packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Codenomicon as the original reporter. On Red Hat Enterprise Linux 6, this update also fixes an uninitialized variable use bug, introduced by the fix for CVE-2012-0884 (released via RHSA-2012:0426). This bug could possibly cause an attempt to create an encrypted message in the CMS (Cryptographic Message Syntax) format to fail. All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68533
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68533
    title Oracle Linux 5 / 6 : openssl (ELSA-2012-0699)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20120529_OPENSSL_ON_SL5_X.NASL
    description An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-blockchaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333) On SL6 this update also fixes an uninitialized variable use bug, introduced by the fix for CVE-2012-0884. This bug could possibly cause an attempt to create an encrypted message in the CMS (Cryptographic Message Syntax) format to fail. For the update to take effect all services linked to the OpenSSL library must be restarted.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61320
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61320
    title Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2013-002.NASL
    description The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-002 applied. This update contains numerous security-related fixes for the following components : - CoreMedia Playback (10.7 only) - Directory Service (10.6 only) - OpenSSL - QuickDraw Manager - QuickTime - Ruby (10.6 only) - SMB (10.7 only)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 66809
    published 2013-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66809
    title Mac OS X Multiple Vulnerabilities (Security Update 2013-002)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0008.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv everywhere instead of getenv (#839735) - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio (#814185) - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4109 - double free in policy checks (#771771) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) - add known answer test for SHA2 algorithms (#740866) - make default private key length in certificate Makefile 2048 bits (can be changed with PRIVATE_KEY_BITS setting) (#745410) - fix incorrect return value in parse_yesno (#726593) - added DigiCert CA certificates to ca-bundle (#735819) - added a new section about error states to README.FIPS (#628976) - add missing DH_check_pub_key call when DH key is computed (#698175) - presort list of ciphers available in SSL (#688901) - accept connection in s_server even if getaddrinfo fails (#561260) - point to openssl dgst for list of supported digests (#608639) - fix handling of future TLS versions (#599112) - added VeriSign Class 3 Public Primary Certification Authority - G5 and StartCom Certification Authority certs to ca-bundle (#675671, #617856) - upstream fixes for the CHIL engine (#622003, #671484) - add SHA-2 hashes in SSL_library_init (#676384) - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462) - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774) - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125) - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data is called prematurely by application (#546707)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 79532
    published 2014-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79532
    title OracleVM 3.2 : onpenssl (OVMSA-2014-0008)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1451-1.NASL
    description Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). (CVE-2012-0884) It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. (CVE-2012-2333). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 59289
    published 2012-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59289
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : openssl vulnerabilities (USN-1451-1)
  • NASL family AIX Local Security Checks
    NASL id AIX_OPENSSL_ADVISORY4.NASL
    description The version of OpenSSL running on the remote host is affected by the following vulnerabilities : - The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack. (CVE-2012-0884) - The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. (CVE-2012-1165) - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110) - Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110. (CVE-2012-2131) - Integer underflow in OpenSSL when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over- read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. (CVE-2012-2333)
    last seen 2019-02-21
    modified 2018-07-17
    plugin id 73562
    published 2014-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73562
    title AIX OpenSSL Advisory : openssl_advisory4.asc
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201312-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-201312-03 (OpenSSL: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact : Remote attackers can determine private keys, decrypt data, cause a Denial of Service or possibly have other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 71169
    published 2013-12-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71169
    title GLSA-201312-03 : OpenSSL: Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-18035.NASL
    description Update to 1.0.1c and synced all patches with Fedora openssl-1.0.1c-7.fc19 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 63031
    published 2012-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63031
    title Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_DBA5D1C99F2911E1B511003067C2616F.NASL
    description OpenSSL security team reports : A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and DTLS can be exploited in a denial of service attack on both clients and servers.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 59104
    published 2012-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59104
    title FreeBSD : OpenSSL -- DTLS and TLS 1.1, 1.2 denial of service (dba5d1c9-9f29-11e1-b511-003067c2616f)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_OPENSSL_20120814.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. (CVE-2012-2333)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80718
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80718
    title Oracle Solaris Third-Party Patch Update : openssl (cve_2012_2333_denial_of)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-7939.NASL
    description This is new minor upstream update fixing moderate security issue CVE-2012-2333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 59295
    published 2012-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59295
    title Fedora 17 : openssl-1.0.0j-1.fc17 (2012-7939)
  • NASL family Web Servers
    NASL id OPENSSL_0_9_8X.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 0.9.8 earlier than 0.9.8x. As such, the OpenSSL library itself is reportedly affected by a denial of service vulnerability. An integer underflow error exists in the file 'ssl/d1_enc.c' in the function 'dtls1_enc'. When in CBC mode, DTLS record length values and explicit initialization vector length values related to DTLS packets are not handled properly, which can lead to memory corruption and application crashes.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59076
    published 2012-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59076
    title OpenSSL 0.9.8 < 0.9.8x DTLS CBC Denial of Service
  • NASL family Web Servers
    NASL id OPENSSL_1_0_1C.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 1.0.1 earlier than 1.0.1c. As such, the OpenSSL library itself is reportedly affected by a denial of service vulnerability. An integer underflow error exists in the file 'ssl/d1_enc.c' in the function 'dtls1_enc'. When in CBC mode, TLS/DTLS record length values and explicit initialization vector length values related to TLS/DTLS packets are not handled properly, which can lead to memory corruption and application crashes.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59078
    published 2012-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59078
    title OpenSSL 1.0.1 < 1.0.1c TLS/DTLS CBC Denial of Service
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2012-073.NASL
    description A vulnerability has been found and corrected in openssl : A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers (CVE-2012-2333). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 59087
    published 2012-05-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59087
    title Mandriva Linux Security Advisory : openssl (MDVSA-2012:073)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2012-85.NASL
    description An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69692
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69692
    title Amazon Linux AMI : openssl (ALAS-2012-85)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-8014.NASL
    description This is new minor upstream update fixing moderate security issue CVE-2012-2333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 59332
    published 2012-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59332
    title Fedora 16 : openssl-1.0.0j-1.fc16 (2012-8014)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15401.NASL
    description Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. (CVE-2012-2333)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78182
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78182
    title F5 Networks BIG-IP : OpenSSL vulnerability (SOL15401)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBOPENSSL-DEVEL-120524.NASL
    description This update of openssl fixes the following denial of service vulnerabilities : - Denial of Service via CBC mode handling. (CVE-2012-2333) - A deadlock condition introduced by the previous memory leak fix due to entering a lock twice. This would only happen in multithreaded programs. In addition, openssl's cms subcommand (Crypthographic Message Syntax) has been enabled.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 64185
    published 2013-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64185
    title SuSE 11.1 Security Update : openssl (SAT Patch Number 6350)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2012-0699.NASL
    description Updated openssl packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Codenomicon as the original reporter. On Red Hat Enterprise Linux 6, this update also fixes an uninitialized variable use bug, introduced by the fix for CVE-2012-0884 (released via RHSA-2012:0426). This bug could possibly cause an attempt to create an encrypted message in the CMS (Cryptographic Message Syntax) format to fail. All OpenSSL users should upgrade to these updated packages, which contain a backported patch to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59294
    published 2012-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59294
    title CentOS 5 / 6 : openssl (CESA-2012:0699)
  • NASL family Web Servers
    NASL id OPENSSL_1_0_0J.NASL
    description According to its banner, the remote web server is running a version of OpenSSL 1.0.0 earlier than 1.0.0j. As such, the OpenSSL library itself is reportedly affected by a denial of service vulnerability. An integer underflow error exists in the file 'ssl/d1_enc.c' in the function 'dtls1_enc'. When in CBC mode, DTLS record length values and explicit initialization vector length values related to DTLS packets are not handled properly, which can lead to memory corruption and application crashes.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 59077
    published 2012-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59077
    title OpenSSL 1.0.0 < 1.0.0j DTLS CBC Denial of Service
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-8024.NASL
    description This is new minor upstream update fixing moderate security issue CVE-2012-2333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 59333
    published 2012-06-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59333
    title Fedora 15 : openssl-1.0.0j-1.fc15 (2012-8024)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2475.NASL
    description It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service (application crash.)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 59183
    published 2012-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59183
    title Debian DSA-2475-1 : openssl - integer underflow
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10659.NASL
    description According to its self-reported version number, the remote Junos Space version is prior to 14.1R1. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in the bundled OpenSSL CentOS package. (CVE-2011-4109, CVE-2011-4576, CVE-2011-4619, CVE-2012-0884, CVE-2012-2110, CVE-2012-2333, CVE-2013-0166, CVE-2013-0169, CVE-2014-0224) - Multiple vulnerabilities in Oracle MySQL. (CVE-2013-5908) - Multiple vulnerabilities in the Oracle Java runtime. (CVE-2014-0411, CVE-2014-0423, CVE-2014-4244, CVE-2014-0453, CVE-2014-0460, CVE-2014-4263, CVE-2014-4264)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 80197
    published 2014-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80197
    title Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)
redhat via4
advisories
  • bugzilla
    id 820686
    title CVE-2012-2333 openssl: record length handling integer underflow
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment openssl is earlier than 0:1.0.0-20.el6_2.5
            oval oval:com.redhat.rhsa:tst:20120699005
          • comment openssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888006
        • AND
          • comment openssl-devel is earlier than 0:1.0.0-20.el6_2.5
            oval oval:com.redhat.rhsa:tst:20120699007
          • comment openssl-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888012
        • AND
          • comment openssl-perl is earlier than 0:1.0.0-20.el6_2.5
            oval oval:com.redhat.rhsa:tst:20120699009
          • comment openssl-perl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888008
        • AND
          • comment openssl-static is earlier than 0:1.0.0-20.el6_2.5
            oval oval:com.redhat.rhsa:tst:20120699011
          • comment openssl-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100888010
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment openssl is earlier than 0:0.9.8e-22.el5_8.4
            oval oval:com.redhat.rhsa:tst:20120699014
          • comment openssl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964003
        • AND
          • comment openssl-devel is earlier than 0:0.9.8e-22.el5_8.4
            oval oval:com.redhat.rhsa:tst:20120699018
          • comment openssl-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964005
        • AND
          • comment openssl-perl is earlier than 0:0.9.8e-22.el5_8.4
            oval oval:com.redhat.rhsa:tst:20120699016
          • comment openssl-perl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070964007
    rhsa
    id RHSA-2012:0699
    released 2012-05-29
    severity Moderate
    title RHSA-2012:0699: openssl security and bug fix update (Moderate)
  • rhsa
    id RHSA-2012:1306
  • rhsa
    id RHSA-2012:1307
  • rhsa
    id RHSA-2012:1308
rpms
  • openssl-0:1.0.0-20.el6_2.5
  • openssl-devel-0:1.0.0-20.el6_2.5
  • openssl-perl-0:1.0.0-20.el6_2.5
  • openssl-static-0:1.0.0-20.el6_2.5
  • openssl-0:0.9.8e-22.el5_8.4
  • openssl-devel-0:0.9.8e-22.el5_8.4
  • openssl-perl-0:0.9.8e-22.el5_8.4
refmap via4
apple APPLE-SA-2013-06-04-1
bid 53476
cert-vn VU#737740
confirm
debian DSA-2475
fedora
  • FEDORA-2012-18035
  • FEDORA-2012-7939
hp
  • HPSBOV02852
  • HPSBUX02814
  • SSRT100930
  • SSRT101108
mandriva MDVSA-2012:073
misc http://www.cert.fi/en/reports/2012/vulnerability641549.html
sectrack 1027057
secunia
  • 49116
  • 49208
  • 49324
  • 50768
  • 51312
suse
  • SUSE-SU-2012:0678
  • SUSE-SU-2012:0679
xf openssl-tls-record-dos(75525)
Last major update 22-08-2016 - 22:05
Published 14-05-2012 - 18:55
Last modified 04-01-2018 - 21:29
Back to Top