Vulnerability CVE-2012-4428

Vulnerability Name:

CVE-2012-4428 (CCN-78732)

Assigned:

2012-09-14

Published:

2012-09-14

Updated:

2019-12-16

Summary:

openslp: SLPIntersectStringList()' Function has a DoS vulnerability

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:openslp:openslp:1.2.1:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration CCN 1:

cpe:/a:openslp:openslp:1.2.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20124428	V	CVE-2012-4428	2022-05-20
oval:org.opensuse.security:def:55992	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:56111	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:34671	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31721	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:26183	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:30163	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:31720	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:34607	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:31304	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:55267	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:26154	P	Security update for ncurses (Moderate)	2021-10-20
oval:org.opensuse.security:def:26145	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:34558	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:32182	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:32174	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:33962	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:34500	P	Security update for mariadb (Important)	2021-08-06
oval:org.opensuse.security:def:26090	P	Security update for systemd (Moderate)	2021-07-20
oval:org.opensuse.security:def:26088	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:30220	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:32125	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:26079	P	Security update for gupnp (Important)	2021-06-18
oval:org.opensuse.security:def:55918	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:26078	P	Security update for libxml2 (Moderate)	2021-06-18
oval:org.opensuse.security:def:57461	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:56030	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36529	P	openslp-devel-1.2.0-172.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36254	P	openslp-1.2.0-172.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42661	P	openslp-1.2.0-172.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30074	P	Security update for the Linux Kernel (Important)	2021-05-17
oval:org.opensuse.security:def:32087	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:34646	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:31732	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:31342	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:54750	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2021-02-10
oval:org.opensuse.security:def:55826	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:34342	P	Security update for openexr (Moderate)	2020-12-23
oval:org.opensuse.security:def:33878	P	Security update for xen (Important)	2020-12-07
oval:org.opensuse.security:def:42756	P	libslp1-openssl1-1.2.0-172.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36349	P	libslp1-openssl1-1.2.0-172.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31816	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:26976	P	libtspi1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30603	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:33178	P	librsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25899	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26603	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30306	P	Security update for t1lib	2020-12-01
oval:org.opensuse.security:def:32530	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27217	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27348	P	libsnmp15-openssl1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26577	P	kvm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27175	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26240	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:27979	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:33312	P	libslp1-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27634	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:32330	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27347	P	libslp1-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29857	P	Security update for the Linux Kernel	2020-12-01
oval:org.opensuse.security:def:31938	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26796	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28763	P	Security update for LibreOffice	2020-12-01
oval:org.opensuse.security:def:31815	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.opensuse.security:def:26504	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:30564	P	Security update for poppler	2020-12-01
oval:org.opensuse.security:def:32540	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25898	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26475	P	Recommended update for enigmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:32481	P	NetworkManager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54610	P	libssh4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26528	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27131	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33867	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:27926	P	Security update for GraphicsMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:33273	P	tftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27552	P	ruby-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55433	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:27312	P	unrar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29856	P	Security update for Linux Kernel	2020-12-01
oval:org.opensuse.security:def:31806	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34253	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:26757	P	libopensc2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28125	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:25879	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:26420	P	Security update for phpMyAdmin (Moderate)	2020-12-01
oval:org.opensuse.security:def:30515	P	Security update for ghostscript	2020-12-01
oval:org.opensuse.security:def:32496	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35394	P	Security update for OpenSLP	2020-12-01
oval:org.opensuse.security:def:26411	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:32425	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:26535	P	cyrus-imapd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27527	P	openslp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54588	P	libpolkit0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32033	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26380	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:27117	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33866	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:26825	P	sysconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32635	P	apache2-mod_php5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27424	P	kdelibs3-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26674	P	boost-license on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34196	P	Security update for patch (Important)	2020-12-01
oval:org.opensuse.security:def:26708	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28081	P	Security update for gcc48 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25815	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26363	P	Security update for libgit2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30460	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32474	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:35353	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:26400	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26521	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27492	P	libtiff-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54587	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31901	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)	2020-12-01
oval:org.opensuse.security:def:26229	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.opensuse.security:def:27078	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30666	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25974	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26741	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32591	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27360	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55161	P	lcms2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26630	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27848	P	Security update for OpenSLP	2020-12-01
oval:org.opensuse.security:def:34098	P	Security update to ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:26655	P	xterm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28067	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:57387	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:25804	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26282	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:27775	P	Security update for kdebase4-workspace (Moderate)	2020-12-01
oval:org.opensuse.security:def:32435	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:34715	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26399	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:29942	P	Security update for liblouis (Moderate)	2020-12-01
oval:org.opensuse.security:def:26482	P	Security update for ffmpeg-4 (Low)	2020-12-01
oval:org.opensuse.security:def:26854	P	NetworkManager-gnome on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31827	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:27029	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30622	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:33217	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:26684	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55718	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:32569	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27252	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27349	P	mailx-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54988	P	ppp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26616	P	mutt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27813	P	Security update for librsvg (Important)	2020-12-01
oval:org.opensuse.security:def:26324	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:28028	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:25803	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:27691	P	Security update for xorg-x11-libXt	2020-12-01
oval:org.opensuse.security:def:32386	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29868	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32030	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26433	P	Security update for MozillaThunderbird (Critical)	2020-12-01
oval:org.opensuse.security:def:26810	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28798	P	Security update for OpenSLP	2020-12-01
oval:org.opensuse.security:def:80095	P	Security update for OpenSLP	2015-05-06
oval:com.ubuntu.precise:def:20124428000	V	CVE-2012-4428 on Ubuntu 12.04 LTS (precise) - low.	2012-09-13
oval:com.ubuntu.trusty:def:20124428000	V	CVE-2012-4428 on Ubuntu 14.04 LTS (trusty) - low.	2012-09-13

BACK