This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Several problems have been found in OpenSSL :
- During the parsing of certain invalid ASN1 structures an error
condition is mishandled, possibly resulting in an infinite loop.
- A buffer overflow exists in the SSL_get_shared_ciphers function.
- A NULL pointer may be dereferenced in the SSL version 2 client code.
In addition, many applications using OpenSSL do not perform any
validation of the lengths of public keys being used.
Impact : Servers which parse ASN1 data from untrusted sources may be
vulnerable to a denial of service attack.
An attacker accessing a server which uses SSL version 2 may be able to
execute arbitrary code with the privileges of that server.
A malicious SSL server can cause clients connecting using SSL version
2 to crash.
Applications which perform public key operations using untrusted keys
may be vulnerable to a denial of service attack.
Workaround : No workaround is available, but not all of the
vulnerabilities mentioned affect all applications.
Update the affected packages.
Risk factor : Critical / CVSS Base Score : 10.0
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 24719 (freebsd_pkg_0f37d765c5d411db9f82000e0c2e438a.nasl)