SSL: GnuTLS libtasn1 ASN1 Length DER Decoding Buffer Overflow

This signature detects attempts to exploit a known vulnerability in libtasn1, a component of GnuTLS. Successful exploitation may allow an attacker to execute arbitrary code in the context of the service, or to crash the target service that uses the library, causing a denial-of-service condition.

Extended Description

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.

Affected Products

Gnu libtasn1

References

CVE: CVE-2012-1569

Short Name
SSL:GNUTLS-ASN1-LENGTH-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SSL
Keywords
ASN1 Buffer CVE-2012-1569 DER Decoding GnuTLS Length Overflow libtasn1
Release Date
06/12/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Gnu

CVSS Score

5.0
