CVE-2012-1573

Scores

EPSS

0.096very_low9.6%

0%20%40%60%80%100%

Percentile: 9.6%

CVSS

5.0medium2.0

0246810

CVSS Score: 5.0/10

All CVSS Scores

CVSS 2.0

5.0

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Description

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-310

Related Vulnerabilities

BDU:2015-09647

Exploits

Exploit ID: 10071

Source: exploitdb

URL: https://www.exploit-db.com/exploits/10071

Exploit ID: 10579

Source: exploitdb

URL: https://www.exploit-db.com/exploits/10579

Exploit ID: 12334

Source: exploitdb

URL: https://www.exploit-db.com/exploits/12334

Exploit ID: 24487

Source: exploitdb

URL: https://www.exploit-db.com/exploits/24487

Exploit ID: 28726

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28726

Exploit ID: 34427

Source: exploitdb

URL: https://www.exploit-db.com/exploits/34427

Exploit ID: 4773

Source: exploitdb

URL: https://www.exploit-db.com/exploits/4773

Exploit ID: 8720

Source: exploitdb

URL: https://www.exploit-db.com/exploits/8720

Exploit ID: CVE-2009-3555

Source: github-poc

URL: https://github.com/johnwchadwick/cve-2009-3555-test-server

Exploit ID: CVE-2014-3570

Source: github-poc

URL: https://github.com/uthrasri/CVE-2014-3570_G2.5_openssl_no_patch

Exploit ID: CVE-2014-8275

Source: github-poc

URL: https://github.com/uthrasri/CVE-2014-8275_openssl_g2.5

Exploit ID: CVE-2015-0204

Source: github-poc

URL: https://github.com/AbhishekGhosh/FREAK-Attack-CVE-2015-0204-Testing-Script

Exploit ID: CVE-2015-0205

Source: github-poc

URL: https://github.com/saurabh2088/OpenSSL_1_0_1g_CVE-2015-0205

Vulnerable Software (17)

Type: Configuration

Product: gnutls

Operating System: rhel 5

Trait:

{  "fixed": "1.4.1-7.el5_8.2"}

Source: redhat

Type: Configuration

Product: gnutls

Operating System: rhel 6

Trait:

{  "fixed": "2.8.5-4.el6_2.2"}

Source: redhat

Type: Configuration

Product: gnutls13

Operating System: ubuntu hardy 8.04

Trait:

{  "fixed": "2.0.4-1ubuntu2.7"}

Source: ubuntu

Type: Configuration

Product: gnutls26

Operating System: debian

Trait:

{  "fixed": "2.12.18-1"}

Source: debian

Type: Configuration

Product: gnutls26

Operating System: ubuntu trusty 14.04

Trait:

{  "fixed": "2.12.14-5ubuntu3"}

Source: ubuntu

Type: Configuration

Product: gnutls26

Operating System: ubuntu utopic 14.10

Trait:

{  "fixed": "2.12.14-5ubuntu3"}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: debian

Trait:

{  "fixed": "3.0.17-2"}

Source: debian

Type: Configuration

Product: gnutls28

Operating System: ubuntu trusty 14.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu utopic 14.10

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu vivid 15.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu wily 15.10

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu xenial 16.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu yakkety 16.10

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: gnutls28

Operating System: ubuntu zesty 17.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: rhev-hypervisor6

Operating System: rhel 6

Trait:

{  "fixed": "6.2-20120423.1.el6_2"}

Source: redhat

Type: Configuration

Vendor: *

Product: gnutls

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.12.16",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*",      "versionEndIncluding": "2.12.16",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.4.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.6.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.7.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.8.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.10.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.6.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.7:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.8:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.9:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.11:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.12:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.13:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.14:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:2.12.15:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: gnutls

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*",      "vulnerab...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.1:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.2:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.3:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.4:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.5:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.6:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.7:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.8:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.9:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.11:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.12:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.13:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:gnu:gnutls:3.0.14:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

End of list

Russian Vulnerability Scanner Database

CVE-2012-1573

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Vulnerable Software (17)