Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2454-2 (openssl)
Summary:The remote host is missing an update to openssl;announced via advisory DSA 2454-2.
The remote host is missing an update to openssl
announced via advisory DSA 2454-2.

Vulnerability Insight:
Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for
the 0.9.8 series of OpenSSL was incomplete. It has been assigned the
CVE-2012-2131 identifier.

For reference, the original description of CVE-2012-2110 from DSA-2454-1
is quoted below:


Tavis Ormandy, Google Security Team, discovered a vulnerability
in the way DER-encoded ASN.1 data is parsed that can result in
a heap overflow.

For the stable distribution (squeeze), this problem has been fixed in
version 0.9.8o-4squeeze12.

The testing distribution (wheezy), and the unstable distribution (sid),
are not affected by this issue.

We recommend that you upgrade your openssl packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-2131
BugTraq ID: 53212
Debian Security Information: DSA-2454 (Google Search)
HPdes Security Advisory: HPSBOV02793
HPdes Security Advisory: HPSBUX02782
HPdes Security Advisory: SSRT100844
HPdes Security Advisory: SSRT100891
SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search)
SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search)
XForce ISS Database: openssl-asn1-code-execution(75099)
Common Vulnerability Exposure (CVE) ID: CVE-2012-2110
BugTraq ID: 53158
HPdes Security Advisory: HPSBMU02776
HPdes Security Advisory: HPSBMU02900
HPdes Security Advisory: SSRT100852
HPdes Security Advisory: SSRT101210
RedHat Security Advisories: RHSA-2012:0518
RedHat Security Advisories: RHSA-2012:0522
RedHat Security Advisories: RHSA-2012:1306
RedHat Security Advisories: RHSA-2012:1307
RedHat Security Advisories: RHSA-2012:1308
CopyrightCopyright (c) 2012 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.