CVE-2012-1569

MEDIUM

Description

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.

References

http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932

http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53

http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54

http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/

http://linux.oracle.com/errata/ELSA-2014-0596.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html

http://rhn.redhat.com/errata/RHSA-2012-0427.html

http://rhn.redhat.com/errata/RHSA-2012-0488.html

http://rhn.redhat.com/errata/RHSA-2012-0531.html

http://secunia.com/advisories/48397

http://secunia.com/advisories/48488

http://secunia.com/advisories/48505

http://secunia.com/advisories/48578

http://secunia.com/advisories/48596

http://secunia.com/advisories/49002

http://secunia.com/advisories/50739

http://secunia.com/advisories/57260

http://www.debian.org/security/2012/dsa-2440

http://www.gnu.org/software/gnutls/security.html

http://www.mandriva.com/security/advisories?name=MDVSA-2012:039

http://www.openwall.com/lists/oss-security/2012/03/20/3

http://www.openwall.com/lists/oss-security/2012/03/20/8

http://www.openwall.com/lists/oss-security/2012/03/21/5

http://www.securitytracker.com/id?1026829

http://www.ubuntu.com/usn/USN-1436-1

https://bugzilla.redhat.com/show_bug.cgi?id=804920

Details

Source: MITRE

Published: 2012-03-26

Updated: 2018-01-18

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM