CVE-2012-1573 (GCVE-0-2012-1573)
Vulnerability from cvelistv5
Published
2012-03-26 19:00
Modified
2024-08-06 19:01
Severity ?
VLAI Severity ?
Medium (confidence: 0.9765)
CWE
  • n/a
Summary
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
References
secalert@redhat.com http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html
secalert@redhat.com http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910
secalert@redhat.com http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912
secalert@redhat.com http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/ Exploit
secalert@redhat.com http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d
secalert@redhat.com http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185
secalert@redhat.com http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html
secalert@redhat.com http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html
secalert@redhat.com http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
secalert@redhat.com http://osvdb.org/80259
secalert@redhat.com http://rhn.redhat.com/errata/RHSA-2012-0429.html
secalert@redhat.com http://rhn.redhat.com/errata/RHSA-2012-0488.html
secalert@redhat.com http://rhn.redhat.com/errata/RHSA-2012-0531.html
secalert@redhat.com http://secunia.com/advisories/48488
secalert@redhat.com http://secunia.com/advisories/48511
secalert@redhat.com http://secunia.com/advisories/48596
secalert@redhat.com http://secunia.com/advisories/48712
secalert@redhat.com http://secunia.com/advisories/57260
secalert@redhat.com http://www.debian.org/security/2012/dsa-2441
secalert@redhat.com http://www.gnu.org/software/gnutls/security.html Vendor Advisory
secalert@redhat.com http://www.mandriva.com/security/advisories?name=MDVSA-2012:040
secalert@redhat.com http://www.openwall.com/lists/oss-security/2012/03/21/4
secalert@redhat.com http://www.openwall.com/lists/oss-security/2012/03/21/5
secalert@redhat.com http://www.securityfocus.com/bid/52667
secalert@redhat.com http://www.securitytracker.com/id?1026828
secalert@redhat.com http://www.ubuntu.com/usn/USN-1418-1
secalert@redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=805432
af854a3a-2127-422b-91ae-364da2661108 http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html
af854a3a-2127-422b-91ae-364da2661108 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910
af854a3a-2127-422b-91ae-364da2661108 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912
af854a3a-2127-422b-91ae-364da2661108 http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/ Exploit
af854a3a-2127-422b-91ae-364da2661108 http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d
af854a3a-2127-422b-91ae-364da2661108 http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185
af854a3a-2127-422b-91ae-364da2661108 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/80259
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2012-0429.html
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2012-0488.html
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2012-0531.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/48488
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/48511
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/48596
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/48712
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/57260
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2012/dsa-2441
af854a3a-2127-422b-91ae-364da2661108 http://www.gnu.org/software/gnutls/security.html Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDVSA-2012:040
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2012/03/21/4
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2012/03/21/5
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/52667
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1026828
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/USN-1418-1
af854a3a-2127-422b-91ae-364da2661108 https://bugzilla.redhat.com/show_bug.cgi?id=805432
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T19:01:01.946Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-1418-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-1418-1",
               },
               {
                  name: "57260",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/57260",
               },
               {
                  name: "RHSA-2012:0531",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
               },
               {
                  name: "[gnutls-devel] 20120302 gnutls 3.0.15",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=805432",
               },
               {
                  name: "48511",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48511",
               },
               {
                  name: "80259",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/80259",
               },
               {
                  name: "52667",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/52667",
               },
               {
                  name: "[oss-security] 20120321 Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2012/03/21/5",
               },
               {
                  name: "48488",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48488",
               },
               {
                  name: "48712",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48712",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.gnu.org/software/gnutls/security.html",
               },
               {
                  name: "1026828",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1026828",
               },
               {
                  name: "FEDORA-2012-4569",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html",
               },
               {
                  name: "FEDORA-2012-4578",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html",
               },
               {
                  name: "RHSA-2012:0488",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2012-0488.html",
               },
               {
                  name: "SUSE-SU-2014:0320",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html",
               },
               {
                  name: "48596",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/48596",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d",
               },
               {
                  name: "[oss-security] 20120321 CVE request: GnuTLS TLS record handling issue / MU-201202-01",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2012/03/21/4",
               },
               {
                  name: "[gnutls-devel] 20120302 gnutls 2.12.16",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910",
               },
               {
                  name: "DSA-2441",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2012/dsa-2441",
               },
               {
                  name: "MDVSA-2012:040",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:040",
               },
               {
                  name: "RHSA-2012:0429",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2012-0429.html",
               },
               {
                  name: "20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2012-03-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-17T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "USN-1418-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-1418-1",
            },
            {
               name: "57260",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/57260",
            },
            {
               name: "RHSA-2012:0531",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
            },
            {
               name: "[gnutls-devel] 20120302 gnutls 3.0.15",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=805432",
            },
            {
               name: "48511",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48511",
            },
            {
               name: "80259",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/80259",
            },
            {
               name: "52667",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/52667",
            },
            {
               name: "[oss-security] 20120321 Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2012/03/21/5",
            },
            {
               name: "48488",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48488",
            },
            {
               name: "48712",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48712",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.gnu.org/software/gnutls/security.html",
            },
            {
               name: "1026828",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1026828",
            },
            {
               name: "FEDORA-2012-4569",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html",
            },
            {
               name: "FEDORA-2012-4578",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html",
            },
            {
               name: "RHSA-2012:0488",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2012-0488.html",
            },
            {
               name: "SUSE-SU-2014:0320",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html",
            },
            {
               name: "48596",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/48596",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d",
            },
            {
               name: "[oss-security] 20120321 CVE request: GnuTLS TLS record handling issue / MU-201202-01",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2012/03/21/4",
            },
            {
               name: "[gnutls-devel] 20120302 gnutls 2.12.16",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910",
            },
            {
               name: "DSA-2441",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2012/dsa-2441",
            },
            {
               name: "MDVSA-2012:040",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:040",
            },
            {
               name: "RHSA-2012:0429",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2012-0429.html",
            },
            {
               name: "20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2012-1573",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-1418-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-1418-1",
                  },
                  {
                     name: "57260",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/57260",
                  },
                  {
                     name: "RHSA-2012:0531",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2012-0531.html",
                  },
                  {
                     name: "[gnutls-devel] 20120302 gnutls 3.0.15",
                     refsource: "MLIST",
                     url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912",
                  },
                  {
                     name: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commit;h=b495740f2ff66550ca9395b3fda3ea32c3acb185",
                     refsource: "CONFIRM",
                     url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commit;h=b495740f2ff66550ca9395b3fda3ea32c3acb185",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=805432",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=805432",
                  },
                  {
                     name: "48511",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48511",
                  },
                  {
                     name: "80259",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/80259",
                  },
                  {
                     name: "52667",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/52667",
                  },
                  {
                     name: "[oss-security] 20120321 Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2012/03/21/5",
                  },
                  {
                     name: "48488",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48488",
                  },
                  {
                     name: "48712",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48712",
                  },
                  {
                     name: "http://www.gnu.org/software/gnutls/security.html",
                     refsource: "CONFIRM",
                     url: "http://www.gnu.org/software/gnutls/security.html",
                  },
                  {
                     name: "1026828",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1026828",
                  },
                  {
                     name: "FEDORA-2012-4569",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html",
                  },
                  {
                     name: "FEDORA-2012-4578",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html",
                  },
                  {
                     name: "RHSA-2012:0488",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2012-0488.html",
                  },
                  {
                     name: "SUSE-SU-2014:0320",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html",
                  },
                  {
                     name: "48596",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/48596",
                  },
                  {
                     name: "http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/",
                     refsource: "MISC",
                     url: "http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/",
                  },
                  {
                     name: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commit;h=422214868061370aeeb0ac9cd0f021a5c350a57d",
                     refsource: "CONFIRM",
                     url: "http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commit;h=422214868061370aeeb0ac9cd0f021a5c350a57d",
                  },
                  {
                     name: "[oss-security] 20120321 CVE request: GnuTLS TLS record handling issue / MU-201202-01",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2012/03/21/4",
                  },
                  {
                     name: "[gnutls-devel] 20120302 gnutls 2.12.16",
                     refsource: "MLIST",
                     url: "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910",
                  },
                  {
                     name: "DSA-2441",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2012/dsa-2441",
                  },
                  {
                     name: "MDVSA-2012:040",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2012:040",
                  },
                  {
                     name: "RHSA-2012:0429",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2012-0429.html",
                  },
                  {
                     name: "20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1",
                     refsource: "BUGTRAQ",
                     url: "http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2012-1573",
      datePublished: "2012-03-26T19:00:00",
      dateReserved: "2012-03-12T00:00:00",
      dateUpdated: "2024-08-06T19:01:01.946Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.12.16\", \"matchCriteriaId\": \"E74CD4C2-9970-4B33-9697-DD51275ADEEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81C6C982-21D5-4FE3-A342-FC45BD78D2F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69E3A01-D8C6-4C36-8C4E-52B96541D5B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9D61596-01EB-4936-923B-63537625F926\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"599EB59C-7717-47A8-84C6-78B6D79AEB02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A6CBB77-818D-4DFF-9DD9-07EBF9933B06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26E9005E-5034-43F2-B96E-7829E19FE3A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FA854EA-29FE-4B91-AEA3-ED649D7FD25A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC3A5EE-2892-4548-A0CB-D3289CD64D63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83F22BF4-A738-438B-8D0B-6993640F0D31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D3193B7-8FB9-45E4-BFF6-891A3F14F021\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AF269AE-121B-4982-A765-5C7E806FA9FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1C9F604-7FBE-4759-B039-8F5894574203\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"191821CD-E4CB-4269-B04C-284A9F9783B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2A71474-958D-4689-A652-3E2A731F47FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38169043-17DF-4CF9-963A-8770B8882357\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D7E5D9C-0976-4C9A-9FEB-AB923845BAD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4537676-A72E-4433-B44F-3664EDD6F240\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7CCCB66-C7CC-4E5C-8253-C29D57BE9B43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D090B10-68F2-424D-8234-2A280AA96B59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23168B77-645D-4A2A-A6E3-7001104064A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D085B16-3116-423F-BDE0-2D93E12650A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C59247E9-CDAE-4269-A8E4-F49F617CDD23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6019C0C-E9DD-4831-8E6A-785AE1A930FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F9CF15-8789-49B6-BB6D-B784C8FF20ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6DAE798-14C9-4CB6-A39F-69CDF9D8FBB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C51E0C88-B19C-408D-AC17-10CE7462D48A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A7FBFAA-263C-4B7B-A135-9824DFD8CCDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AC41482-B3BC-4C93-A850-73A179BAB763\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADC80BE1-28A6-4348-A061-8FD9C805E945\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D8EF703-AE06-4DD7-9235-2D8CCDB24F96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A8AC314-065B-4BC3-A5EE-CA6D3006F9F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8201FF6-53A8-4850-A2B2-47AA65B2CB75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFB33002-E5C6-4573-BC94-647DDE4E6F89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D7D245A-D983-40AD-89A7-0EA00D38D570\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7223691-225D-4649-B410-F41D2C489BA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F786B6F2-77FC-4DFE-A574-2C00EDC08CE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA9E7F22-5BC4-4AD5-A630-25947CC1E5B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6B3DBF9-52EB-4741-85E4-E68645BD81E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"350A6845-77D6-4D63-A13C-5DAB55F98727\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A456D12-C43A-47B0-AC0D-BF02AEBA0828\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D457688-987A-4059-AA58-D9BF19ABC48B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA20043D-EC85-4003-9E7B-27AB50F4E133\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18A2C47E-510D-4537-8F51-3763A73E8E52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4704D411-7B24-4B1F-9D40-A39A178FF873\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B5E7C27-A5D9-4ABD-AFC5-5367083F387F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3091701-9B7C-4494-A82E-6E6F64656D85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"541BCA04-0500-4388-9140-55C17E17EB15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E11431F6-8C9D-40E1-84F6-CD25147DB15E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DC3D824-585E-49F1-9E44-902F5C7D57D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2097221B-46C2-480C-8D79-54080186BB58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5CEC430-8CFF-4DC5-9B2B-338C401B1984\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2DAA60D-F9B4-4045-81C2-29AD913E7BF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"547CC163-57F9-4418-BFB1-0E688DEEE0BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A274912-B16F-4B91-8CC0-E5CEED04B678\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA84D0DE-B63F-41E4-AB04-70D2F5134D46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5552C7B3-5D56-4858-B138-F49CD1F90513\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F7E11DD-6AFC-4271-92D5-FB41CA6E1B52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA23D0EC-6014-4303-962A-1936EFCE3D16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0E6021A-40FC-457A-8AAA-0F7E7F9E6752\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62E5D41F-1837-42C3-B99C-5A0A36013AC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA54B99-2FF1-432F-9587-8F384323CADE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39F59B50-BC97-43B3-BC15-C767F420291E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37B25626-7C72-4BAE-85FF-415A5F376A00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31E092EF-D7F6-4160-B928-3C3EA1198B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C9B2C9-60F6-4BA0-B1F6-5C697065D098\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F80978A-AAE2-4B69-B54E-C30B9D96C034\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8392ACC4-0325-464D-A39A-E9CDC5AADF1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"185A2FAD-5541-4439-924B-406BD33E6FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"854F260C-4C7D-4855-8644-4B6DC7CD5657\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9943C65B-B896-4F7B-BE86-D6D13CF5C6E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07E877F8-3623-4295-816F-7EE4FFDE1599\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEBBF961-3DB5-4DBC-AB6F-D3180EA79E6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86E711C7-37EE-4957-BD49-FA08103357BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A964A74F-CC0E-4E2E-8DBB-858A66EA2566\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B36918C-BB8D-4B8E-8868-7726C5ADD4FE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC43DD1B-D8F0-4CC6-A5A9-C0DCEB1A7131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8150D656-9B13-49D0-9960-4C78E057AB26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C048B6A-5AB2-4363-8FE1-88D3F627E1BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABA62CAC-C88C-44E5-A611-366F9AD5FB11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B53405BD-AC8E-4106-9D21-BCD5815E7ECA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0161F845-C5F4-4318-949A-499A4062FB78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBCACBF9-CE33-4F10-8CFC-84F24CC33476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C42F577F-264C-4F8F-955A-67743965AB8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9000897D-502D-46E3-95A0-FBCEBB0ED5C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E53BBB9E-3A38-478E-BE88-E5C83E0C9ED8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1B8EDFF-5683-4171-BA76-9B26CAE19FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"022F28CD-4D6B-48AB-8E39-244E19D34F67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16B5986E-1029-4D40-8012-1FF1615C929A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45439989-0D3B-4DCE-AB35-B63B1543CD59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBCD4F3C-8BD4-4367-B00C-A1379C158625\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12F2CFB7-5ACF-4328-B0F8-C3A981CAA368\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.\"}, {\"lang\": \"es\", \"value\": \"gnutls_cipher.c en libgnutls en GnuTLS antes de v2.12.17 y v3.x antes de v3.0.15 no maneja adecuadamente los datos cifrados con un cifrado de bloques, lo que permite provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de la pila de memoria y ca\\u00edda de la aplicaci\\u00f3n) a atacantes remotos a trav\\u00e9s de un registro hecho a mano, como se demuestra por una estructura GenericBlockCipher especificamente creada para este fin.\"}]",
         id: "CVE-2012-1573",
         lastModified: "2024-11-21T01:37:14.133",
         metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2012-03-26T19:55:01.390",
         references: "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://osvdb.org/80259\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0429.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0488.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0531.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48488\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48511\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48596\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/48712\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/57260\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2012/dsa-2441\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.gnu.org/software/gnutls/security.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:040\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2012/03/21/4\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2012/03/21/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/52667\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id?1026828\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1418-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=805432\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/80259\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0429.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0488.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0531.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48488\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48511\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48596\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/48712\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/57260\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2012/dsa-2441\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.gnu.org/software/gnutls/security.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:040\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2012/03/21/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2012/03/21/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/52667\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1026828\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1418-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=805432\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "secalert@redhat.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2012-1573\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-03-26T19:55:01.390\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.\"},{\"lang\":\"es\",\"value\":\"gnutls_cipher.c en libgnutls en GnuTLS antes de v2.12.17 y v3.x antes de v3.0.15 no maneja adecuadamente los datos cifrados con un cifrado de bloques, lo que permite provocar una denegación de servicio (corrupción de la pila de memoria y caída de la aplicación) a atacantes remotos a través de un registro hecho a mano, como se demuestra por una estructura GenericBlockCipher especificamente creada para este fin.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.12.16\",\"matchCriteriaId\":\"E74CD4C2-9970-4B33-9697-DD51275ADEEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81C6C982-21D5-4FE3-A342-FC45BD78D2F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69E3A01-D8C6-4C36-8C4E-52B96541D5B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9D61596-01EB-4936-923B-63537625F926\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"599EB59C-7717-47A8-84C6-78B6D79AEB02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A6CBB77-818D-4DFF-9DD9-07EBF9933B06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E9005E-5034-43F2-B96E-7829E19FE3A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA854EA-29FE-4B91-AEA3-ED649D7FD25A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC3A5EE-2892-4548-A0CB-D3289CD64D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F22BF4-A738-438B-8D0B-6993640F0D31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D3193B7-8FB9-45E4-BFF6-891A3F14F021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF269AE-121B-4982-A765-5C7E806FA9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C9F604-7FBE-4759-B039-8F5894574203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"191821CD-E4CB-4269-B04C-284A9F9783B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2A71474-958D-4689-A652-3E2A731F47FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38169043-17DF-4CF9-963A-8770B8882357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D7E5D9C-0976-4C9A-9FEB-AB923845BAD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4537676-A72E-4433-B44F-3664EDD6F240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7CCCB66-C7CC-4E5C-8253-C29D57BE9B43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D090B10-68F2-424D-8234-2A280AA96B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23168B77-645D-4A2A-A6E3-7001104064A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D085B16-3116-423F-BDE0-2D93E12650A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C59247E9-CDAE-4269-A8E4-F49F617CDD23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6019C0C-E9DD-4831-8E6A-785AE1A930FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F9CF15-8789-49B6-BB6D-B784C8FF20ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6DAE798-14C9-4CB6-A39F-69CDF9D8FBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C51E0C88-B19C-408D-AC17-10CE7462D48A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A7FBFAA-263C-4B7B-A135-9824DFD8CCDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AC41482-B3BC-4C93-A850-73A179BAB763\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADC80BE1-28A6-4348-A061-8FD9C805E945\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8EF703-AE06-4DD7-9235-2D8CCDB24F96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A8AC314-065B-4BC3-A5EE-CA6D3006F9F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8201FF6-53A8-4850-A2B2-47AA65B2CB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFB33002-E5C6-4573-BC94-647DDE4E6F89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D7D245A-D983-40AD-89A7-0EA00D38D570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7223691-225D-4649-B410-F41D2C489BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F786B6F2-77FC-4DFE-A574-2C00EDC08CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA9E7F22-5BC4-4AD5-A630-25947CC1E5B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6B3DBF9-52EB-4741-85E4-E68645BD81E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"350A6845-77D6-4D63-A13C-5DAB55F98727\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A456D12-C43A-47B0-AC0D-BF02AEBA0828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D457688-987A-4059-AA58-D9BF19ABC48B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA20043D-EC85-4003-9E7B-27AB50F4E133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A2C47E-510D-4537-8F51-3763A73E8E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4704D411-7B24-4B1F-9D40-A39A178FF873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B5E7C27-A5D9-4ABD-AFC5-5367083F387F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3091701-9B7C-4494-A82E-6E6F64656D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"541BCA04-0500-4388-9140-55C17E17EB15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11431F6-8C9D-40E1-84F6-CD25147DB15E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DC3D824-585E-49F1-9E44-902F5C7D57D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2097221B-46C2-480C-8D79-54080186BB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5CEC430-8CFF-4DC5-9B2B-338C401B1984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2DAA60D-F9B4-4045-81C2-29AD913E7BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"547CC163-57F9-4418-BFB1-0E688DEEE0BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A274912-B16F-4B91-8CC0-E5CEED04B678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA84D0DE-B63F-41E4-AB04-70D2F5134D46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5552C7B3-5D56-4858-B138-F49CD1F90513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F7E11DD-6AFC-4271-92D5-FB41CA6E1B52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA23D0EC-6014-4303-962A-1936EFCE3D16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0E6021A-40FC-457A-8AAA-0F7E7F9E6752\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E5D41F-1837-42C3-B99C-5A0A36013AC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA54B99-2FF1-432F-9587-8F384323CADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F59B50-BC97-43B3-BC15-C767F420291E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37B25626-7C72-4BAE-85FF-415A5F376A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31E092EF-D7F6-4160-B928-3C3EA1198B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C9B2C9-60F6-4BA0-B1F6-5C697065D098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F80978A-AAE2-4B69-B54E-C30B9D96C034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8392ACC4-0325-464D-A39A-E9CDC5AADF1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185A2FAD-5541-4439-924B-406BD33E6FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"854F260C-4C7D-4855-8644-4B6DC7CD5657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9943C65B-B896-4F7B-BE86-D6D13CF5C6E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E877F8-3623-4295-816F-7EE4FFDE1599\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEBBF961-3DB5-4DBC-AB6F-D3180EA79E6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E711C7-37EE-4957-BD49-FA08103357BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A964A74F-CC0E-4E2E-8DBB-858A66EA2566\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B36918C-BB8D-4B8E-8868-7726C5ADD4FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC43DD1B-D8F0-4CC6-A5A9-C0DCEB1A7131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8150D656-9B13-49D0-9960-4C78E057AB26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C048B6A-5AB2-4363-8FE1-88D3F627E1BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABA62CAC-C88C-44E5-A611-366F9AD5FB11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53405BD-AC8E-4106-9D21-BCD5815E7ECA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0161F845-C5F4-4318-949A-499A4062FB78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCACBF9-CE33-4F10-8CFC-84F24CC33476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42F577F-264C-4F8F-955A-67743965AB8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9000897D-502D-46E3-95A0-FBCEBB0ED5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E53BBB9E-3A38-478E-BE88-E5C83E0C9ED8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B8EDFF-5683-4171-BA76-9B26CAE19FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022F28CD-4D6B-48AB-8E39-244E19D34F67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16B5986E-1029-4D40-8012-1FF1615C929A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45439989-0D3B-4DCE-AB35-B63B1543CD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBCD4F3C-8BD4-4367-B00C-A1379C158625\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F2CFB7-5ACF-4328-B0F8-C3A981CAA368\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/80259\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0429.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0488.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0531.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48488\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48511\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48596\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/48712\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/57260\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2441\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gnu.org/software/gnutls/security.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:040\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/03/21/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/03/21/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/52667\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1026828\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1418-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=805432\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=422214868061370aeeb0ac9cd0f021a5c350a57d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://git.savannah.gnu.org/gitweb/?p=gnutls.git%3Ba=commit%3Bh=b495740f2ff66550ca9395b3fda3ea32c3acb185\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077071.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076496.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/80259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0429.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0488.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0531.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48511\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48596\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/48712\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/57260\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2441\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gnu.org/software/gnutls/security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/03/21/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2012/03/21/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/52667\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026828\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1418-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=805432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.