Oval Definition:oval:org.mitre.oval:def:21388
Revision Date:2014-02-24Version:11
Title:RHSA-2012:0699: openssl security and bug fix update (Moderate)
Description:Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:0699
CVE-2012-2333
RHSA-2012:0699-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):openssl
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • openssl-devel is earlier than 0:0.9.8e-22.el5_8.4
  • OR openssl-perl is earlier than 0:0.9.8e-22.el5_8.4
  • OR openssl is earlier than 0:0.9.8e-22.el5_8.4
  • Operation system section
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • openssl-devel is earlier than 0:1.0.0-20.el6_2.5
  • OR openssl-static is earlier than 0:1.0.0-20.el6_2.5
  • OR openssl-perl is earlier than 0:1.0.0-20.el6_2.5
  • OR openssl is earlier than 0:1.0.0-20.el6_2.5
    • BACK