The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.
http://cvs.openssl.org/chngview?cn=22252
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://marc.info/?l=bugtraq&m=133728068926468&w=2
http://marc.info/?l=bugtraq&m=134039053214295&w=2
http://rhn.redhat.com/errata/RHSA-2012-0426.html
http://rhn.redhat.com/errata/RHSA-2012-0488.html
http://rhn.redhat.com/errata/RHSA-2012-0531.html
http://rhn.redhat.com/errata/RHSA-2012-1306.html
http://rhn.redhat.com/errata/RHSA-2012-1307.html
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/48580
http://secunia.com/advisories/48895
http://secunia.com/advisories/48899
http://www.debian.org/security/2012/dsa-2454
http://www.openwall.com/lists/oss-security/2012/03/12/3
http://www.openwall.com/lists/oss-security/2012/03/12/6
http://www.openwall.com/lists/oss-security/2012/03/12/7
http://www.openwall.com/lists/oss-security/2012/03/13/2
http://www.securityfocus.com/bid/52764
http://www.securitytracker.com/id?1026787
OR
cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to 0.9.8t (inclusive)
OR
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
79532 | OracleVM 3.2 : onpenssl (OVMSA-2014-0008) | Nessus | OracleVM Local Security Checks | critical |
79531 | OracleVM 2.2 : openssl (OVMSA-2014-0007) | Nessus | OracleVM Local Security Checks | critical |
79286 | RHEL 5 : rhev-hypervisor5 (RHSA-2012:0488) | Nessus | Red Hat Local Security Checks | medium |
78922 | RHEL 6 : rhev-hypervisor6 (RHSA-2012:0531) | Nessus | Red Hat Local Security Checks | high |
74901 | openSUSE Security Update : openssl (openSUSE-SU-2013:0336-1) | Nessus | SuSE Local Security Checks | high |
74590 | openSUSE Security Update : openssl (openSUSE-SU-2012:0474-1) | Nessus | SuSE Local Security Checks | medium |
73562 | AIX OpenSSL Advisory : openssl_advisory4.asc | Nessus | AIX Local Security Checks | high |
71169 | GLSA-201312-03 : OpenSSL: Multiple Vulnerabilities | Nessus | Gentoo Local Security Checks | high |
69669 | Amazon Linux AMI : openssl (ALAS-2012-62) | Nessus | Amazon Linux Local Security Checks | medium |
68501 | Oracle Linux 5 / 6 : openssl (ELSA-2012-0426) | Nessus | Oracle Linux Local Security Checks | medium |
63031 | Fedora 18 : mingw-openssl-1.0.1c-1.fc18 (2012-18035) | Nessus | Fedora Local Security Checks | high |
61293 | Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20120327) | Nessus | Scientific Linux Local Security Checks | medium |
59851 | HP System Management Homepage < 7.1.1 Multiple Vulnerabilities | Nessus | Web Servers | critical |
58808 | Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 : openssl vulnerabilities (USN-1424-1) | Nessus | Ubuntu Local Security Checks | high |
58804 | Debian DSA-2454-2 : openssl - multiple vulnerabilities | Nessus | Debian Local Security Checks | high |
58699 | Fedora 15 : openssl-1.0.0h-1.fc15 (2012-4659) | Nessus | Fedora Local Security Checks | medium |
58697 | Fedora 17 : openssl-1.0.0h-1.fc17 (2012-4630) | Nessus | Fedora Local Security Checks | medium |
58679 | SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 8034) | Nessus | SuSE Local Security Checks | medium |
58678 | SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 6054) | Nessus | SuSE Local Security Checks | medium |
58677 | SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 6054) | Nessus | SuSE Local Security Checks | medium |
58669 | Fedora 16 : openssl-1.0.0h-1.fc16 (2012-4665) | Nessus | Fedora Local Security Checks | medium |
58565 | OpenSSL 1.0.0 < 1.0.0h Multiple Vulnerabilities | Nessus | Web Servers | medium |
58564 | OpenSSL < 0.9.8u Multiple Vulnerabilities | Nessus | Web Servers | medium |
801067 | OpenSSL 0.9.8 < 0.9.8u / 1.0.0 < 1.0.0h Multiple Vulnerabilities | Log Correlation Engine | Web Servers | medium |
6400 | OpenSSL 0.9.8 < 0.9.8u / 1.0.0 < 1.0.0h Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | medium |
58507 | RHEL 5 / 6 : openssl (RHSA-2012:0426) | Nessus | Red Hat Local Security Checks | medium |
58502 | CentOS 5 / 6 : openssl (CESA-2012:0426) | Nessus | CentOS Local Security Checks | medium |
58490 | Mandriva Linux Security Advisory : openssl (MDVSA-2012:038) | Nessus | Mandriva Local Security Checks | medium |