OpenSSL is prone to an overflow condition. The BUF_mem_grow, and BUF_mem_grow_clean functions fail to properly sanitize user-supplied input, which may potentially result in an overflow. This may allow an attacker to execute arbitrary code.

Upgrade to version 1.0.1A or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1026957 1027514
• CVE ID: 2012-2131 (see also: NVD)
• Secunia Advisory ID: 48999 49402 49440 49586 49670 50072 50097 50151 50444 50476 50594 50601 51522 51542 52019 52334 52437 52543 52869 52892 53065
• Bugtraq ID: 53212
• Related OSVDB ID: 81223
• Vendor Specific News/Changelog Entry: http://aix.software.ibm.com/aix/efixes/security/openssl_advisory4.asc
  http://cvs.openssl.org/chngview?cn=22431
  http://cvs.openssl.org/chngview?cn=22434
  http://cvs.openssl.org/chngview?cn=22439
  http://freecode.com/projects/openssl/releases/343955
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03315912
  http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03383940
  http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
  http://www-01.ibm.com/support/docview.wss?uid=swg21626257
  http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
  http://www.ibm.com/support/docview.wss?uid=nas12088ececb530423186257b410072035e
  http://www.ibm.com/support/docview.wss?uid=swg1IC84088
  http://www.ibm.com/support/docview.wss?uid=swg21607116
  http://www.ibm.com/support/docview.wss?uid=swg21627934
  http://www.ibm.com/support/docview.wss?uid=swg21631322
  http://www.ibm.com/support/docview.wss?uid=swg21633107
  http://www.openssl.org/news/secadv_20120419.txt
  https://www.ibm.com/support/docview.wss?uid=swg21619837
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2012-09/att-0046/ESA-2012-029.txt
  http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
  http://marc.info/?l=bugtraq&m=134039053214295&w=2
  http://seclists.org/bugtraq/2012/May/98
  https://lists.balabit.hu/pipermail/syslog-ng-announce/2012-August/000147.html
  https://lists.balabit.hu/pipermail/syslog-ng-announce/2012-August/000148.html
• Vendor Specific Advisory URL: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-001.txt.asc
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03383940
  http://support.attachmate.com/techdocs/1708.html
  http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_sterling_connect_enterprise_for_unix_is_affected_by_multiple_vulnerabilities_in_openssl12
  http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-645&viewMode=view [ Auth Req'd ]
  http://www.vmware.com/security/advisories/VMSA-2012-0013.html
  http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_XRX12-009_v1.1.pdf
  http://www.xerox.com/download/security/security-bulletin/16cd0-4ccb9d5fd3580/cert_XRX12-010_FFPSv8_v1.1.pdf
  https://kb.bluecoat.com/index?page=content&id=SA70
  https://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_infosphere_balanced_warehouse_c3000_c4000_and_d5100_and_ibm_smart_analytics_system_1050_2050_5600_and_5710_are_affected_by_vulnerabilities_in_openssl16
• Packet Storm: http://packetstormsecurity.org/files/113582/HP-Security-Bulletin-HPSBMU02776-SSRT100852.html
• Vendor URL: http://www.openssl.org/

• Tavis Ormandy - Google Security Team