OpenSSL 1.0.0 < 1.0.0j DTLS CBC Denial of Service

This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.

Synopsis :

The remote host may be affected by a denial of service vulnerability.

Description :

According to its banner, the remote web server is running a version
of OpenSSL 1.0.0 earlier than 1.0.0j. As such, the OpenSSL library
itself is reportedly affected by a denial of service vulnerability.

An integer underflow error exists in the file 'ssl/d1_enc.c' in the
function 'dtls1_enc'. When in CBC mode, DTLS record length values and
explicit initialization vector length values related to DTLS packets
are not handled properly, which can lead to memory corruption and
application crashes.

See also :

Solution :

Upgrade to OpenSSL 1.0.0j or later.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 59077 ()

Bugtraq ID: 53476

CVE ID: CVE-2012-2333

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now