Juniper Networks
Signature Detail

Short Name: SSL:INVALID:GNUTLS-RECORD-BO
Severity: High
Recommended: No
Recommended Action: Drop
Category: SSL
Keywords: GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow
Release Date: 2013/06/05
Update Number: 2270
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SSL: GnuTLS TLS Record Application GenericBlockCipher Parsing Integer Overflow


This signature detects attempts to exploit a known flaw in GnuTLS. The flaw is caused by an error in ciphertext_to_compressed(), which fails to verify the size of the ciphertext. Successful exploitation may allow an attacker to execute arbitrary code in the context of the service, or to crash the target service that uses the library, causing a denial-of-service condition.

Extended Description

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.

Affected Products

  • gnu gnutls 2.0.0
  • gnu gnutls 2.0.1
  • gnu gnutls 2.0.2
  • gnu gnutls 2.0.3
  • gnu gnutls 2.0.4
  • gnu gnutls 2.1.0
  • gnu gnutls 2.10.0
  • gnu gnutls 2.10.1
  • gnu gnutls 2.10.2
  • gnu gnutls 2.10.3
  • gnu gnutls 2.10.4
  • gnu gnutls 2.10.5
  • gnu gnutls 2.1.1
  • gnu gnutls 2.1.2
  • gnu gnutls 2.12.0
  • gnu gnutls 2.12.1
  • gnu gnutls 2.12.10
  • gnu gnutls 2.12.11
  • gnu gnutls 2.12.12
  • gnu gnutls 2.12.13
  • gnu gnutls 2.12.14
  • gnu gnutls 2.12.15
  • gnu gnutls 2.12.2
  • gnu gnutls 2.12.3
  • gnu gnutls 2.12.4
  • gnu gnutls 2.12.5
  • gnu gnutls 2.12.6
  • gnu gnutls 2.12.6.1
  • gnu gnutls 2.12.7
  • gnu gnutls 2.12.8
  • gnu gnutls 2.12.9
  • gnu gnutls 2.1.3
  • gnu gnutls 2.1.4
  • gnu gnutls 2.1.5
  • gnu gnutls 2.1.6
  • gnu gnutls 2.1.7
  • gnu gnutls 2.1.8
  • gnu gnutls 2.2.0
  • gnu gnutls 2.2.1
  • gnu gnutls 2.2.2
  • gnu gnutls 2.2.3
  • gnu gnutls 2.2.4
  • gnu gnutls 2.2.5
  • gnu gnutls 2.3.0
  • gnu gnutls 2.3.1
  • gnu gnutls 2.3.10
  • gnu gnutls 2.3.11
  • gnu gnutls 2.3.2
  • gnu gnutls 2.3.3
  • gnu gnutls 2.3.4
  • gnu gnutls 2.3.5
  • gnu gnutls 2.3.6
  • gnu gnutls 2.3.7
  • gnu gnutls 2.3.8
  • gnu gnutls 2.3.9
  • gnu gnutls 2.4.0
  • gnu gnutls 2.4.1
  • gnu gnutls 2.4.2
  • gnu gnutls 2.4.3
  • gnu gnutls 2.5.0
  • gnu gnutls 2.6.0
  • gnu gnutls 2.6.1
  • gnu gnutls 2.6.2
  • gnu gnutls 2.6.3
  • gnu gnutls 2.6.4
  • gnu gnutls 2.6.5
  • gnu gnutls 2.6.6
  • gnu gnutls 2.7.4
  • gnu gnutls 2.8.0
  • gnu gnutls 2.8.1
  • gnu gnutls 2.8.2
  • gnu gnutls 2.8.3
  • gnu gnutls 2.8.4
  • gnu gnutls 2.8.5
  • gnu gnutls 2.8.6
  • gnu gnutls 3.0
  • gnu gnutls 3.0.0
  • gnu gnutls 3.0.1
  • gnu gnutls 3.0.10
  • gnu gnutls 3.0.11
  • gnu gnutls 3.0.12
  • gnu gnutls 3.0.13
  • gnu gnutls 3.0.14
  • gnu gnutls 3.0.2
  • gnu gnutls 3.0.3
  • gnu gnutls 3.0.4
  • gnu gnutls 3.0.5
  • gnu gnutls 3.0.6
  • gnu gnutls 3.0.7
  • gnu gnutls 3.0.8
  • gnu gnutls 3.0.9
  • gnu gnutls up to 2.12.16

References

  • CVE: CVE-2012-1573

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.