Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mandrake Local Security Checks
Title:Mandriva Update for libtasn1 MDVSA-2012:039 (libtasn1)
Summary:The remote host is missing an update for the 'libtasn1'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'libtasn1'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been found and corrected in libtasn1:

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before
2.12, as used in GnuTLS before 3.0.16 and other products, does not
properly handle certain large length values, which allows remote
attackers to cause a denial of service (heap memory corruption and
application crash) or possibly have unspecified other impact via a
crafted ASN.1 structure (CVE-2012-1569).

The updated packages have been patched to correct this issue.

Affected Software/OS:
libtasn1 on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2,
Mandriva Linux 2010.1

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-1569
Bugtraq: 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (Google Search)
Debian Security Information: DSA-2440 (Google Search)
RedHat Security Advisories: RHSA-2012:0427
RedHat Security Advisories: RHSA-2012:0488
RedHat Security Advisories: RHSA-2012:0531
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.