This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote application is affected by multiple denial of service
The SecurityCenter application installed on the remote host is
affected by multiple denial of service vulnerabilities in the bundled
OpenSSL library. The library is version 1.0.1 prior to 1.0.1j. It is,
therefore, affected by the following vulnerabilities :
- A memory leak exists in the DTLS SRTP extension parsing
code. A remote attacker can exploit this issue, using a
specially crafted handshake message, to cause excessive
memory consumption, resulting in a denial of service
- A memory leak exists in the SSL, TLS, and DTLS servers
related to session ticket handling. A remote attacker
can exploit this, using a large number of invalid
session tickets, to cause a denial of service condition.
See also :
Apply the relevant patch referenced in the vendor advisory.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : false