Denial of Service : OpenSSL: TLS 1.1 and 1.2 AES-NI Crash (20130205)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.112971

Categoría: Denial of Service

Título: OpenSSL: TLS 1.1 and 1.2 AES-NI Crash (20130205) - Windows

Resumen: OpenSSL is prone to a denial of service attack.

Descripción: Summary:
OpenSSL is prone to a denial of service attack.

Vulnerability Insight:
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1
and TLS 1.2 on AES-NI supporting platforms can be exploited in a DoS attack.

Affected Software/OS:
OpenSSL 1.0.1 through 1.0.1c.

Solution:
Update to version 1.0.1d or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2686
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
BugTraq ID: 57755
http://www.securityfocus.com/bid/57755
HPdes Security Advisory: HPSBUX02909
http://marc.info/?l=bugtraq&m=137545771702053&w=2
HPdes Security Advisory: SSRT101289
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18868
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19660
http://secunia.com/advisories/55108
http://secunia.com/advisories/55139

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.112971
Categoría:	Denial of Service
Título:	OpenSSL: TLS 1.1 and 1.2 AES-NI Crash (20130205) - Windows
Resumen:	OpenSSL is prone to a denial of service attack.
Descripción:	Summary: OpenSSL is prone to a denial of service attack. Vulnerability Insight: A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a DoS attack. Affected Software/OS: OpenSSL 1.0.1 through 1.0.1c. Solution: Update to version 1.0.1d or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2686 http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html BugTraq ID: 57755 http://www.securityfocus.com/bid/57755 HPdes Security Advisory: HPSBUX02909 http://marc.info/?l=bugtraq&m=137545771702053&w=2 HPdes Security Advisory: SSRT101289 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19660 http://secunia.com/advisories/55108 http://secunia.com/advisories/55139
Copyright	Copyright (C) 2021 Greenbone Networks GmbH