This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote server is affected by multiple vulnerabilities.
According to its banner, the remote server is running a version of
OpenSSL that is earlier than 0.9.8f. As such, it is affected by the
following vulnerabilities :
- A local attacker could perform a side-channel attack
against the Montgomery multiplication code and retrieve
RSA private keys. Note that this has not been exploited
outside a laboratory environment. (CVE-2007-3108)
- A remote attacker could execute arbitrary code by
exploiting an off-by-one error in the DTLS
See also :
Upgrade to OpenSSL 0.9.8f or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false