This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote service is affected by a denial of service vulnerability.
According to its banner, the remote host is running OpenSSL version
1.0.2i. It is, therefore, affected by a denial of service
vulnerability in x509_vfy.c due to improper handling of certificate
revocation lists (CRLs). An unauthenticated, remote attacker can
exploit this, via a specially crafted CRL, to cause a NULL pointer
dereference, resulting in a crash of the service.
See also :
Upgrade to OpenSSL version 1.0.2j or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true