CVE-2012-2110

Description

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.

Affected products

OpenSSL / OpenSSL1.0.1 – 1.0.1
OpenSSL / OpenSSL1.0.0 – 1.0.0
OpenSSL / OpenSSL1.0.0 – 1.0.0
OpenSSL / OpenSSL1.0.0 – 1.0.0
OpenSSL / OpenSSL1.0.0 – 1.0.0
OpenSSL / OpenSSL1.0.0 – 1.0.0
OpenSSL / OpenSSL1.0.0a – 1.0.0a
OpenSSL / OpenSSL1.0.0b – 1.0.0b
OpenSSL / OpenSSL1.0.0c – 1.0.0c
OpenSSL / OpenSSL1.0.0d – 1.0.0d
OpenSSL / OpenSSL1.0.0e – 1.0.0e
OpenSSL / OpenSSL1.0.0g – 1.0.0g
OpenSSL / OpenSSL0.9.8u
OpenSSL / OpenSSL0.9.1c – 0.9.1c
OpenSSL / OpenSSL0.9.2b – 0.9.2b
OpenSSL / OpenSSL0.9.3 – 0.9.3
OpenSSL / OpenSSL0.9.3a – 0.9.3a
OpenSSL / OpenSSL0.9.4 – 0.9.4
OpenSSL / OpenSSL0.9.5 – 0.9.5
OpenSSL / OpenSSL0.9.5 – 0.9.5
OpenSSL / OpenSSL0.9.5 – 0.9.5
OpenSSL / OpenSSL0.9.5a – 0.9.5a
OpenSSL / OpenSSL0.9.5a – 0.9.5a
OpenSSL / OpenSSL0.9.5a – 0.9.5a
OpenSSL / OpenSSL0.9.6 – 0.9.6
OpenSSL / OpenSSL0.9.6 – 0.9.6
OpenSSL / OpenSSL0.9.6 – 0.9.6
OpenSSL / OpenSSL0.9.6 – 0.9.6
OpenSSL / OpenSSL0.9.6a – 0.9.6a
OpenSSL / OpenSSL0.9.6a – 0.9.6a
OpenSSL / OpenSSL0.9.6a – 0.9.6a
OpenSSL / OpenSSL0.9.6a – 0.9.6a
OpenSSL / OpenSSL0.9.6b – 0.9.6b
OpenSSL / OpenSSL0.9.6c – 0.9.6c
OpenSSL / OpenSSL0.9.6d – 0.9.6d
OpenSSL / OpenSSL0.9.6e – 0.9.6e
OpenSSL / OpenSSL0.9.6f – 0.9.6f
OpenSSL / OpenSSL0.9.6g – 0.9.6g
OpenSSL / OpenSSL0.9.6h – 0.9.6h
OpenSSL / OpenSSL0.9.6i – 0.9.6i
OpenSSL / OpenSSL0.9.6j – 0.9.6j
OpenSSL / OpenSSL0.9.6k – 0.9.6k
OpenSSL / OpenSSL0.9.6l – 0.9.6l
OpenSSL / OpenSSL0.9.6m – 0.9.6m
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7a – 0.9.7a
OpenSSL / OpenSSL0.9.7b – 0.9.7b
OpenSSL / OpenSSL0.9.7c – 0.9.7c
OpenSSL / OpenSSL0.9.7d – 0.9.7d
OpenSSL / OpenSSL0.9.7e – 0.9.7e
OpenSSL / OpenSSL0.9.7f – 0.9.7f
OpenSSL / OpenSSL0.9.7g – 0.9.7g
OpenSSL / OpenSSL0.9.7h – 0.9.7h
OpenSSL / OpenSSL0.9.7i – 0.9.7i
OpenSSL / OpenSSL0.9.7j – 0.9.7j
OpenSSL / OpenSSL0.9.7k – 0.9.7k
OpenSSL / OpenSSL0.9.7l – 0.9.7l
OpenSSL / OpenSSL0.9.7m – 0.9.7m
OpenSSL / OpenSSL0.9.8 – 0.9.8
OpenSSL / OpenSSL0.9.8a – 0.9.8a
OpenSSL / OpenSSL0.9.8b – 0.9.8b
OpenSSL / OpenSSL0.9.8c – 0.9.8c
OpenSSL / OpenSSL0.9.8d – 0.9.8d
OpenSSL / OpenSSL0.9.8e – 0.9.8e
OpenSSL / OpenSSL0.9.8f – 0.9.8f
OpenSSL / OpenSSL0.9.8g – 0.9.8g
OpenSSL / OpenSSL0.9.8h – 0.9.8h
OpenSSL / OpenSSL0.9.8i – 0.9.8i
OpenSSL / OpenSSL0.9.8j – 0.9.8j
OpenSSL / OpenSSL0.9.8k – 0.9.8k
OpenSSL / OpenSSL0.9.8l – 0.9.8l
OpenSSL / OpenSSL0.9.8m – 0.9.8m
OpenSSL / OpenSSL0.9.8m – 0.9.8m
OpenSSL / OpenSSL0.9.8n – 0.9.8n
OpenSSL / OpenSSL0.9.8o – 0.9.8o
OpenSSL / OpenSSL0.9.8p – 0.9.8p
OpenSSL / OpenSSL0.9.8q – 0.9.8q
OpenSSL / OpenSSL0.9.8r – 0.9.8r
OpenSSL / OpenSSL0.9.8s – 0.9.8s
OpenSSL / OpenSSL0.9.8t – 0.9.8t
OpenSSL / OpenSSL1.0.1 – 1.0.1
OpenSSL / OpenSSL1.0.0 – 1.0.0
RedHat / openssl0.9.7a-2 – 0.9.7a-2
RedHat / openssl0.9.6-15 – 0.9.6-15
RedHat / openssl0.9.6b-3 – 0.9.6b-3

References

MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
MISChttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
MISChttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
VENDOR_ADVISORYhttp://secunia.com/advisories/48899
MISChttp://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
MISChttp://rhn.redhat.com/errata/RHSA-2012-1308.html
MISChttp://cvs.openssl.org/chngview?cn=22434
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2012:060
MISChttp://rhn.redhat.com/errata/RHSA-2012-1307.html
EXPLOIThttp://www.exploit-db.com/exploits/18756
MISChttp://rhn.redhat.com/errata/RHSA-2012-0518.html
VENDOR_ADVISORYhttp://www.debian.org/security/2012/dsa-2454
VENDOR_ADVISORYhttp://support.apple.com/kb/HT5784
MAILING_LISThttp://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
VENDOR_ADVISORYhttp://www.ubuntu.com/usn/USN-1424-1
VENDOR_ADVISORYhttp://secunia.com/advisories/48895
VENDOR_ADVISORYhttp://secunia.com/advisories/48847
MISChttp://cvs.openssl.org/chngview?cn=22439
MISChttp://rhn.redhat.com/errata/RHSA-2012-1306.html
MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
MISChttp://rhn.redhat.com/errata/RHSA-2012-0522.html
MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
MAILING_LISThttp://marc.info/?l=bugtraq&m=134039053214295&w=2
VENDOR_ADVISORYhttp://secunia.com/advisories/57353
MISChttp://www.securityfocus.com/bid/53158
MAILING_LISThttp://marc.info/?l=bugtraq&m=133728068926468&w=2
MAILING_LISThttp://marc.info/?l=bugtraq&m=134039053214295&w=2
MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
MISChttp://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
MAILING_LISThttp://marc.info/?l=bugtraq&m=133951357207000&w=2
VENDOR_ADVISORYhttp://secunia.com/advisories/48942
MISChttp://www.openssl.org/news/secadv_20120419.txt
MISChttp://cvs.openssl.org/chngview?cn=22431
MISChttp://www.securitytracker.com/id?1026957
VENDOR_ADVISORYhttp://secunia.com/advisories/48999
MAILING_LISThttp://marc.info/?l=bugtraq&m=133951357207000&w=2
MISChttp://osvdb.org/81223
MISChttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
MAILING_LISThttp://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
MISChttps://kb.juniper.net/KB27376
MAILING_LISThttp://marc.info/?l=bugtraq&m=133728068926468&w=2