OpenSSL 1.0.0 < 1.0.0j DTLS CBC Denial of Service

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote host may be affected by a denial of service vulnerability.

Description :

According to its banner, the remote web server is running a version
of OpenSSL 1.0.0 earlier than 1.0.0j. As such, the OpenSSL library
itself is reportedly affected by a denial of service vulnerability.

An integer underflow error exists in the file 'ssl/d1_enc.c' in the
function 'dtls1_enc'. When in CBC mode, DTLS record length values and
explicit initialization vector length values related to DTLS packets
are not handled properly, which can lead to memory corruption and
application crashes.
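
The banner comparison described above can be reproduced with a short script. This is an added example, not Tenable's plugin code; the function name `is_flagged`, the regular expression and the sample `Server` headers are constructed for illustration.

```python
import re

# OpenSSL token as it appears in an HTTP Server header, e.g. "OpenSSL/1.0.0i",
# "OpenSSL/1.0.0e-fips" or "OpenSSL/1.0.0-beta3" (pattern is an assumption).
_OPENSSL_RE = re.compile(
    r"OpenSSL/(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(?:beta|pre)\d+)?", re.IGNORECASE
)

AFFECTED_BRANCH = (1, 0, 0)  # the page covers the 1.0.0 branch only
FIXED_LETTER = "j"           # first fixed release per the Solution: 1.0.0j


def _letter_key(letter):
    # Patch letters order as "" < "a" < ... < "z" < "za" ..., so compare
    # by length first and then alphabetically.
    return (len(letter), letter)


def is_flagged(banner):
    """True if the banner advertises OpenSSL 1.0.0 earlier than 1.0.0j,
    False if it advertises another version, None if no version is shown."""
    match = _OPENSSL_RE.search(banner)
    if match is None:
        return None  # nothing disclosed: the banner alone cannot decide
    branch = tuple(int(match.group(i)) for i in (1, 2, 3))
    if branch != AFFECTED_BRANCH:
        return False  # other branches are outside the scope of this check
    letter = match.group(4).lower()
    # Pre-releases such as 1.0.0-beta3 carry no letter and sort before 1.0.0j.
    return _letter_key(letter) < _letter_key(FIXED_LETTER)


# Constructed sample headers, not captured from real hosts.
SAMPLE_BANNERS = [
    "Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/1.0.0i",
    "Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0j",
    "Apache/2.2.17 (Fedora) OpenSSL/1.0.0e-fips",
    "Apache/2.4.2 (Unix) OpenSSL/1.0.1c",
    "nginx/1.2.0",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(f"{is_flagged(banner)!s:<5}  {banner}")
```

The result reflects only what the server advertises: a build that carries a backported fix under an older version string is still flagged, which is consistent with the synopsis wording "may be affected".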

See also :

http://openssl.org/news/secadv_20120510.txt
http://www.openssl.org/news/changelog.html
http://cvs.openssl.org/chngview?cn=22538
https://bugzilla.redhat.com/show_bug.cgi?id=820686

Solution :

Upgrade to OpenSSL 1.0.0j or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 59077

Bugtraq ID: 53476

CVE ID: CVE-2012-2333