FreeBSD : FreeBSD -- OpenSSL Remote DoS vulnerability (0fcd3af0-a0fe-11e6-b1cf-14dae9d210b8)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Due to improper handling of alert packets, OpenSSL would consume an
excessive amount of CPU time processing undefined alert messages.
Impact : A remote attacker who can initiate handshakes with an OpenSSL
based server can cause the server to consume a lot of computation
power with very little bandwidth usage, and may be able to use this
technique in a leveraged Denial of Service attack.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 94492 ()

Bugtraq ID:

CVE ID: CVE-2016-8610

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now