SB2012041901 - Buffer overflow in OpenSSL
Published: April 19, 2012 Updated: July 28, 2020
Security Bulletin ID
SB2012041901
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2012-2110)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Remediation
Install update from vendor's website.
References
- http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
- http://cvs.openssl.org/chngview?cn=22431
- http://cvs.openssl.org/chngview?cn=22434
- http://cvs.openssl.org/chngview?cn=22439
- http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
- http://marc.info/?l=bugtraq&m=133728068926468&w=2
- http://marc.info/?l=bugtraq&m=133951357207000&w=2
- http://marc.info/?l=bugtraq&m=134039053214295&w=2
- http://osvdb.org/81223
- http://rhn.redhat.com/errata/RHSA-2012-0518.html
- http://rhn.redhat.com/errata/RHSA-2012-0522.html
- http://rhn.redhat.com/errata/RHSA-2012-1306.html
- http://rhn.redhat.com/errata/RHSA-2012-1307.html
- http://rhn.redhat.com/errata/RHSA-2012-1308.html
- http://secunia.com/advisories/48847
- http://secunia.com/advisories/48895
- http://secunia.com/advisories/48899
- http://secunia.com/advisories/48942
- http://secunia.com/advisories/48999
- http://secunia.com/advisories/57353
- http://support.apple.com/kb/HT5784
- http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
- http://www.debian.org/security/2012/dsa-2454
- http://www.exploit-db.com/exploits/18756
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
- http://www.openssl.org/news/secadv_20120419.txt
- http://www.securityfocus.com/bid/53158
- http://www.securitytracker.com/id?1026957
- http://www.ubuntu.com/usn/USN-1424-1
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
- https://kb.juniper.net/KB27376