Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-0027
HistoryJan 06, 2012 - 1:55 a.m.

CVE-2012-0027

2012-01-0601:55:01
CWE-399
[email protected]
web.nvd.nist.gov
58
cve-2012-0027
gost engine
openssl
denial of service
remote attackers

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.052 Low

EPSS

Percentile

93.0%

JSON

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.

Affected configurations

NVD
Node
opensslopensslRangeโ‰ค1.0.0e
OR
opensslopensslMatch0.9.1c
OR
opensslopensslMatch0.9.2b
OR
opensslopensslMatch0.9.3
OR
opensslopensslMatch0.9.3a
OR
opensslopensslMatch0.9.4
OR
opensslopensslMatch0.9.5
OR
opensslopensslMatch0.9.5a
OR
opensslopensslMatch0.9.6
OR
opensslopensslMatch0.9.6a
OR
opensslopensslMatch0.9.6b
OR
opensslopensslMatch0.9.6c
OR
opensslopensslMatch0.9.6d
OR
opensslopensslMatch0.9.6e
OR
opensslopensslMatch0.9.6f
OR
opensslopensslMatch0.9.6g
OR
opensslopensslMatch0.9.6h
OR
opensslopensslMatch0.9.6hbogus
OR
opensslopensslMatch0.9.6i
OR
opensslopensslMatch0.9.6j
OR
opensslopensslMatch0.9.6k
OR
opensslopensslMatch0.9.6l
OR
opensslopensslMatch0.9.6m
OR
opensslopensslMatch0.9.7
OR
opensslopensslMatch0.9.7a
OR
opensslopensslMatch0.9.7b
OR
opensslopensslMatch0.9.7c
OR
opensslopensslMatch0.9.7d
OR
opensslopensslMatch0.9.7e
OR
opensslopensslMatch0.9.7f
OR
opensslopensslMatch0.9.7g
OR
opensslopensslMatch0.9.7h
OR
opensslopensslMatch0.9.7i
OR
opensslopensslMatch0.9.7j
OR
opensslopensslMatch0.9.7k
OR
opensslopensslMatch0.9.7l
OR
opensslopensslMatch0.9.7m
OR
opensslopensslMatch0.9.8
OR
opensslopensslMatch0.9.8a
OR
opensslopensslMatch0.9.8b
OR
opensslopensslMatch0.9.8c
OR
opensslopensslMatch0.9.8d
OR
opensslopensslMatch0.9.8e
OR
opensslopensslMatch0.9.8f
OR
opensslopensslMatch0.9.8g
OR
opensslopensslMatch0.9.8h
OR
opensslopensslMatch0.9.8i
OR
opensslopensslMatch0.9.8j
OR
opensslopensslMatch0.9.8k
OR
opensslopensslMatch0.9.8l
OR
opensslopensslMatch0.9.8m
OR
opensslopensslMatch0.9.8n
OR
opensslopensslMatch0.9.8o
OR
opensslopensslMatch0.9.8p
OR
opensslopensslMatch0.9.8q
OR
opensslopensslMatch0.9.8r
OR
opensslopensslMatch0.9.8s
OR
opensslopensslMatch1.0.0
OR
opensslopensslMatch1.0.0beta1
OR
opensslopensslMatch1.0.0beta2
OR
opensslopensslMatch1.0.0beta3
OR
opensslopensslMatch1.0.0beta4
OR
opensslopensslMatch1.0.0beta5
OR
opensslopensslMatch1.0.0a
OR
opensslopensslMatch1.0.0b
OR
opensslopensslMatch1.0.0c
OR
opensslopensslMatch1.0.0d

Related

ubuntucve 1
prion 1
debiancve 1
openssl 1
f5 1
veracode 1
cvelist 1
nvd 1
nessus 13
openvas 12
suse 1
freebsd 1
gentoo 1
securityvulns 1
ubuntu 1
ibm 6
lenovo 2
ubuntucve
ubuntucve
CVE-2012-0027
2012-01-05 00:00:00
prion
prion
Code injection
2012-01-06 01:55:00
debiancve
debiancve
CVE-2012-0027
2012-01-06 01:55:01
openssl
openssl
Vulnerability in OpenSSL CVE-2012-0027
2012-01-04 00:00:00
f5
f5
SOL15395 - OpenSSL vulnerability CVE-2012-0027
2014-07-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-10 00:54:46
cvelist
cvelist
CVE-2012-0027
2012-01-06 01:00:00
nvd
nvd
CVE-2012-0027
2012-01-06 01:55:01
nessus
nessus
openSUSE Security Update : openssl (openSUSE-2012-52)
2014-06-13 00:00:00
openSUSE Security Update : libopenssl-devel (openSUSE-SU-2012:0083-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : openssl (MDVSA-2012:007)
2012-09-06 00:00:00
openvas
openvas
SuSE Update for openssl openSUSE-SU-2012:0083-1 (openssl)
2012-08-02 00:00:00
Mandriva Update for openssl MDVSA-2012:007 (openssl)
2012-08-03 00:00:00
Mandriva Update for openssl MDVSA-2012:007 (openssl)
2012-08-03 00:00:00
suse
suse
openssl: fixing various security issues (important)
2012-01-16 17:08:14
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2012-01-04 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2012-03-06 00:00:00
securityvulns
securityvulns
OpenSSL library multiple security vulnerabilities
2012-01-20 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2012-02-09 00:00:00
ibm
ibm
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL versions prior to 1.0.0
2022-09-25 23:13:40
Security Bulletin: Storage HMC OpenSSL upgrade to address cryptographic vulnerabilities.
2018-06-18 00:07:41
Security Bulletin: IBM Sterling Connect:Enterprise for UNIX is affected by multiple vulnerabilities in OpenSSL
2022-09-25 20:45:36
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.052 Low

EPSS

Percentile

93.0%

JSON
Related for CVE-2012-0027
ubuntucve1prion1debiancve1openssl1f51veracode1cvelist1nvd1nessus13openvas12suse1freebsd1gentoo1securityvulns1ubuntu1ibm6lenovo2