SSL: GnuTLS TLS Record Application GenericBlockCipher Parsing Overflow
This signature detects a known flaw in GnuTLS. It is due to an error in ciphertext_to_compressed() which fails to verify the size of the ciphertext. Successful exploitation may allow the attacker to execute arbitrary code in the context of the service, or crash the target service which uses the library, causing a Denial Of Service condition.
Extended Description
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
Affected Products
Gnu gnutls
References
CVE: CVE-2012-1573
Short Name
SSL:INVALID:GNUTLS-RECORD-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SSL
Keywords
Application CVE-2012-1573 GenericBlockCipher GnuTLS Overflow Parsing Record TLS
Release Date
06/12/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Gnu
CVSS Score
5.0