ID CVE-2012-1573
Summary gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:2.12.16:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:2.12.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 805432
    title CVE-2012-1573 gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment gnutls is earlier than 0:1.4.1-7.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120428001
          • comment gnutls is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20120319002
        • AND
          • comment gnutls-devel is earlier than 0:1.4.1-7.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120428003
          • comment gnutls-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20120319004
        • AND
          • comment gnutls-utils is earlier than 0:1.4.1-7.el5_8.2
            oval oval:com.redhat.rhsa:tst:20120428005
          • comment gnutls-utils is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20120319006
    rhsa
    id RHSA-2012:0428
    released 2012-03-27
    severity Important
    title RHSA-2012:0428: gnutls security update (Important)
  • bugzilla
    id 805432
    title CVE-2012-1573 gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment gnutls is earlier than 0:2.8.5-4.el6_2.2
            oval oval:com.redhat.rhsa:tst:20120429001
          • comment gnutls is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120429002
        • AND
          • comment gnutls-devel is earlier than 0:2.8.5-4.el6_2.2
            oval oval:com.redhat.rhsa:tst:20120429003
          • comment gnutls-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120429004
        • AND
          • comment gnutls-guile is earlier than 0:2.8.5-4.el6_2.2
            oval oval:com.redhat.rhsa:tst:20120429005
          • comment gnutls-guile is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120429006
        • AND
          • comment gnutls-utils is earlier than 0:2.8.5-4.el6_2.2
            oval oval:com.redhat.rhsa:tst:20120429007
          • comment gnutls-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20120429008
    rhsa
    id RHSA-2012:0429
    released 2012-03-27
    severity Important
    title RHSA-2012:0429: gnutls security update (Important)
  • rhsa
    id RHSA-2012:0488
  • rhsa
    id RHSA-2012:0531
rpms
  • gnutls-0:1.4.1-7.el5_8.2
  • gnutls-debuginfo-0:1.4.1-7.el5_8.2
  • gnutls-devel-0:1.4.1-7.el5_8.2
  • gnutls-utils-0:1.4.1-7.el5_8.2
  • gnutls-0:2.8.5-4.el6_2.2
  • gnutls-debuginfo-0:2.8.5-4.el6_2.2
  • gnutls-devel-0:2.8.5-4.el6_2.2
  • gnutls-guile-0:2.8.5-4.el6_2.2
  • gnutls-utils-0:2.8.5-4.el6_2.2
  • rhev-hypervisor6-0:6.2-20120423.1.el6_2
  • rhev-hypervisor6-tools-0:6.2-20120423.1.el6_2
refmap via4
bid 52667
bugtraq 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1
confirm
debian DSA-2441
fedora
  • FEDORA-2012-4569
  • FEDORA-2012-4578
mandriva MDVSA-2012:040
misc http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/
mlist
  • [gnutls-devel] 20120302 gnutls 2.12.16
  • [gnutls-devel] 20120302 gnutls 3.0.15
  • [oss-security] 20120321 CVE request: GnuTLS TLS record handling issue / MU-201202-01
  • [oss-security] 20120321 Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01
osvdb 80259
sectrack 1026828
secunia
  • 48488
  • 48511
  • 48596
  • 48712
  • 57260
suse SUSE-SU-2014:0320
ubuntu USN-1418-1
Last major update 18-01-2018 - 02:29
Published 26-03-2012 - 19:55
Last modified 18-01-2018 - 02:29
Back to Top