Vulnerability Name:

CVE-2012-4428 (CCN-78732)

Assigned:2012-09-14
Published:2012-09-14
Updated:2019-12-16
Summary:openslp: SLPIntersectStringList()' Function has a DoS vulnerability
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-125
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2012-4428

Source: MISC
Type: Mailing List, Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html

Source: CCN
Type: SA50130
OpenSLP "SLPIntersectStringList()" Denial of Service Vulnerability

Source: CCN
Type: OpenSLP Web Page
OpenSLP

Source: MISC
Type: Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/09/13/27

Source: CCN
Type: BID-55540
OpenSLP 'SLPIntersectStringList()' Function Denial of Service Vulnerability

Source: MISC
Type: Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/55540

Source: MISC
Type: Third Party Advisory
http://www.ubuntu.com/usn/USN-2730-1

Source: MISC
Type: Third Party Advisory
https://access.redhat.com/security/cve/cve-2012-4428

Source: CCN
Type: Red Hat Bugzilla Bug 857245
CVE-2012-4428 openslp: out-of-bounds read in SLPIntersectStringList() can cause DoS [fedora-all]

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4428

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-4428

Source: MISC
Type: Third Party Advisory, VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78732

Source: XF
Type: UNKNOWN
openslp-slpintersectstringlist-dos(78732)

Source: MISC
Type: Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2012-4428

Source: MISC
Type: Third Party Advisory
https://security.gentoo.org/glsa/201707-05

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openslp:openslp:1.2.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:20:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openslp:openslp:1.2.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20124428
    V
    		CVE-2012-4428
    2022-05-20
    oval:org.opensuse.security:def:55992
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:56111
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:34671
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:31721
    P
    		Security update for log4j (Important)
    2021-12-17
    oval:org.opensuse.security:def:26183
    P
    		Security update for xorg-x11-server (Important)
    2021-12-14
    oval:org.opensuse.security:def:30163
    P
    		Security update for xorg-x11-server (Important)
    2021-12-14
    oval:org.opensuse.security:def:31720
    P
    		Security update for xorg-x11-server (Important)
    2021-12-14
    oval:org.opensuse.security:def:34607
    P
    		Security update for the Linux Kernel (Important)
    2021-12-02
    oval:org.opensuse.security:def:31304
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:55267
    P
    		Security update for samba (Important)
    2021-11-16
    oval:org.opensuse.security:def:26154
    P
    		Security update for ncurses (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:26145
    P
    		Security update for the Linux Kernel (Important)
    2021-10-12
    oval:org.opensuse.security:def:34558
    P
    		Security update for libqt5-qtsvg (Moderate)
    2021-10-11
    oval:org.opensuse.security:def:32182
    P
    		Security update for transfig (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:32174
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:33962
    P
    		Security update for openssl-1_0_0 (Important)
    2021-08-24
    oval:org.opensuse.security:def:26102
    P
    		Security update for php72 (Important)
    2021-08-06
    oval:org.opensuse.security:def:34500
    P
    		Security update for mariadb (Important)
    2021-08-06
    oval:org.opensuse.security:def:26090
    P
    		Security update for systemd (Moderate)
    2021-07-20
    oval:org.opensuse.security:def:26088
    P
    		Security update for the Linux Kernel (Important)
    2021-07-14
    oval:org.opensuse.security:def:30220
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:32125
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:26079
    P
    		Security update for gupnp (Important)
    2021-06-18
    oval:org.opensuse.security:def:55918
    P
    		Security update for xterm (Important)
    2021-06-18
    oval:org.opensuse.security:def:26078
    P
    		Security update for libxml2 (Moderate)
    2021-06-18
    oval:org.opensuse.security:def:57461
    P
    		Security update for caribou (Important)
    2021-06-10
    oval:org.opensuse.security:def:56030
    P
    		Security update for libX11 (Important)
    2021-06-08
    oval:org.opensuse.security:def:36529
    P
    		openslp-devel-1.2.0-172.24.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36254
    P
    		openslp-1.2.0-172.24.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42661
    P
    		openslp-1.2.0-172.24.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:30074
    P
    		Security update for the Linux Kernel (Important)
    2021-05-17
    oval:org.opensuse.security:def:32087
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:32269
    P
    		Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:34646
    P
    		Security update for freeradius-server (Low)
    2021-03-04
    oval:org.opensuse.security:def:31732
    P
    		Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:31342
    P
    		Security update for screen (Important)
    2021-02-17
    oval:org.opensuse.security:def:54750
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)
    2021-02-10
    oval:org.opensuse.security:def:55826
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:34342
    P
    		Security update for openexr (Moderate)
    2020-12-23
    oval:org.opensuse.security:def:33878
    P
    		Security update for xen (Important)
    2020-12-07
    oval:org.opensuse.security:def:42756
    P
    		libslp1-openssl1-1.2.0-172.26.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36349
    P
    		libslp1-openssl1-1.2.0-172.26.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31816
    P
    		Security update for apport (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26976
    P
    		libtspi1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30603
    P
    		Security update for Python
    2020-12-01
    oval:org.opensuse.security:def:33178
    P
    		librsvg on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25899
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26603
    P
    		libsnmp15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30306
    P
    		Security update for t1lib
    2020-12-01
    oval:org.opensuse.security:def:32530
    P
    		hplip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27217
    P
    		libsoup-2_4-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27348
    P
    		libsnmp15-openssl1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26577
    P
    		kvm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27175
    P
    		libarchive2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26240
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27979
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:33312
    P
    		libslp1-openssl1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27634
    P
    		Security update for libgcrypt
    2020-12-01
    oval:org.opensuse.security:def:32330
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:27347
    P
    		libslp1-openssl1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29857
    P
    		Security update for the Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:31938
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:26796
    P
    		pam on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28763
    P
    		Security update for LibreOffice
    2020-12-01
    oval:org.opensuse.security:def:31815
    P
    		Security update for apache2-mod_perl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26007
    P
    		Security update for libid3tag (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26504
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:30564
    P
    		Security update for poppler
    2020-12-01
    oval:org.opensuse.security:def:32540
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25898
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26475
    P
    		Recommended update for enigmail (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32481
    P
    		NetworkManager on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54610
    P
    		libssh4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26528
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27131
    P
    		gd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33867
    P
    		Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27926
    P
    		Security update for GraphicsMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33273
    P
    		tftp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27552
    P
    		ruby-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55433
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27312
    P
    		unrar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29856
    P
    		Security update for Linux Kernel
    2020-12-01
    oval:org.opensuse.security:def:31806
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34253
    P
    		Security update for postgresql91
    2020-12-01
    oval:org.opensuse.security:def:26757
    P
    		libopensc2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28125
    P
    		Security update for guile (Low)
    2020-12-01
    oval:org.opensuse.security:def:25879
    P
    		Security update for pidgin-otr (Important)
    2020-12-01
    oval:org.opensuse.security:def:26420
    P
    		Security update for phpMyAdmin (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30515
    P
    		Security update for ghostscript
    2020-12-01
    oval:org.opensuse.security:def:32496
    P
    		coolkey on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35394
    P
    		Security update for OpenSLP
    2020-12-01
    oval:org.opensuse.security:def:26411
    P
    		Security update for go (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32425
    P
    		Security update for wpa_supplicant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26535
    P
    		cyrus-imapd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27527
    P
    		openslp-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54588
    P
    		libpolkit0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32033
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26380
    P
    		Security update for irssi (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27117
    P
    		enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33866
    P
    		Security update for jasper (Important)
    2020-12-01
    oval:org.opensuse.security:def:26825
    P
    		sysconfig on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32635
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27424
    P
    		kdelibs3-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26674
    P
    		boost-license on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34196
    P
    		Security update for patch (Important)
    2020-12-01
    oval:org.opensuse.security:def:26708
    P
    		glibc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28081
    P
    		Security update for gcc48 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25815
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26363
    P
    		Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30460
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32474
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:35353
    P
    		Security update for mysql (Important)
    2020-12-01
    oval:org.opensuse.security:def:26400
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26521
    P
    		amavisd-new on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27492
    P
    		libtiff-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54587
    P
    		libpng16-16 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31901
    P
    		Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26229
    P
    		Security update for xawtv (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27078
    P
    		amavisd-new on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30666
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25974
    P
    		Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26741
    P
    		libcap-progs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32591
    P
    		pam_mount on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27360
    P
    		MozillaFirefox-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55161
    P
    		lcms2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26630
    P
    		perl-spamassassin on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27848
    P
    		Security update for OpenSLP
    2020-12-01
    oval:org.opensuse.security:def:34098
    P
    		Security update to ucode-intel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26655
    P
    		xterm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28067
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:57387
    P
    		Security update for Linux kernel
    2020-12-01
    oval:org.opensuse.security:def:25804
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26282
    P
    		Security update for libproxy (Important)
    2020-12-01
    oval:org.opensuse.security:def:27775
    P
    		Security update for kdebase4-workspace (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32435
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:34715
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26399
    P
    		Security update for pdns (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29942
    P
    		Security update for liblouis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26482
    P
    		Security update for ffmpeg-4 (Low)
    2020-12-01
    oval:org.opensuse.security:def:26854
    P
    		NetworkManager-gnome on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31827
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:27029
    P
    		socat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30622
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:33217
    P
    		openslp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25910
    P
    		Security update for gstreamer-0_10-plugins-base (Low)
    2020-12-01
    oval:org.opensuse.security:def:26684
    P
    		dbus-1-glib on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:55718
    P
    		Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32569
    P
    		libsoup-2_4-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27252
    P
    		openslp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27349
    P
    		mailx-openssl1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:54988
    P
    		ppp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26616
    P
    		mutt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27813
    P
    		Security update for librsvg (Important)
    2020-12-01
    oval:org.opensuse.security:def:26324
    P
    		Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:28028
    P
    		Security update for bind (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25803
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27691
    P
    		Security update for xorg-x11-libXt
    2020-12-01
    oval:org.opensuse.security:def:32386
    P
    		Security update for tomcat6 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29868
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32030
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26433
    P
    		Security update for MozillaThunderbird (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26810
    P
    		pure-ftpd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28798
    P
    		Security update for OpenSLP
    2020-12-01
    oval:org.opensuse.security:def:80095
    P
    		Security update for OpenSLP
    2015-05-06
    oval:com.ubuntu.precise:def:20124428000
    V
    		CVE-2012-4428 on Ubuntu 12.04 LTS (precise) - low.
    2012-09-13
    oval:com.ubuntu.trusty:def:20124428000
    V
    		CVE-2012-4428 on Ubuntu 14.04 LTS (trusty) - low.
    2012-09-13
    BACK
    openslp openslp 1.2.1
    debian debian linux 8.0
    fedoraproject fedora 20
    canonical ubuntu linux 12.04
    canonical ubuntu linux 14.04
    openslp openslp 1.2.1