This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote service is affected by multiple vulnerabilities.
According to its banner, the remote web server uses a version of
OpenSSL 1.0.1 prior to 1.0.1h. The OpenSSL library is, therefore,
affected by the following vulnerabilities :
- A race condition exists in the ssl3_read_bytes()
function when SSL_MODE_RELEASE_BUFFERS is enabled. This
allows a remote attacker to inject data across sessions
or cause a denial of service. (CVE-2010-5298)
- A buffer overflow error exists related to invalid DTLS
fragment handling that can lead to execution of
arbitrary code. Note this issue only affects OpenSSL
when used as a DTLS client or server. (CVE-2014-0195)
- An error exists in the do_ssl3_write() function that
allows a NULL pointer to be dereferenced, resulting in a
denial of service. Note that this issue is exploitable
only if 'SSL_MODE_RELEASE_BUFFERS' is enabled.
- An error exists related to DTLS handshake handling that
could lead to denial of service attacks. Note that this
issue only affects OpenSSL when used as a DTLS client.
- An unspecified error exists that allows an attacker to
cause usage of weak keying material leading to
simplified man-in-the-middle attacks. (CVE-2014-0224)
- An unspecified error exists related to anonymous ECDH
ciphersuites that could allow denial of service
attacks. Note this issue only affects OpenSSL TLS
- An integer underflow condition exists in the
EVP_DecodeUpdate() function due to improper validation
of base64 encoded input when decoding. This allows a
remote attacker, using maliciously crafted base64 data,
to cause a segmentation fault or memory corruption,
resulting in a denial of service or possibly the
execution of arbitrary code. (CVE-2015-0292)
See also :
Upgrade to OpenSSL 1.0.1h or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 74364 ()
Bugtraq ID: 66801671936789867899679006790173228
CVE ID: CVE-2010-5298CVE-2014-0195CVE-2014-0198CVE-2014-0221CVE-2014-0224CVE-2014-3470CVE-2015-0292
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.