This script is Copyright (C) 2004-2013 Digital Defense
The remote service is susceptible to a buffer overflow attack.
The remote host seems to be using the Mozilla Network Security
Services (NSS) Library, a set of libraries designed to support the
development of security-enabled client/server applications.
There seems to be a flaw in the remote version of this library, in the
SSLv2 handling code, that may allow an attacker to cause a heap
overflow and therefore execute arbitrary commands on the remote host.
To exploit this flaw, an attacker needs to send a malformed SSLv2
'hello' message to the remote service.
See also :
Upgrade the remote service to use NSS 3.9.2 or newer.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 14361 ()
Bugtraq ID: 11015
CVE ID: CVE-2004-0826
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.