OpenSSL < 0.9.8za / 1.0.0m / 1.0.1h Integer Underflow Vulnerability

high Log Correlation Engine Plugin ID 801938


The remote web server is affected by multiple vulnerabilities.


The remote host is running a version of OpenSSL which is vulnerable to an integer underflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via buffer overflow.


Upgrade to OpenSSL 0.9.8za, 1.0.0m, 1.0.1h, or later.

See Also

Plugin Details

Severity: High

ID: 801938

Family: Web Servers

Published: 3/19/2015

Nessus ID: 74363, 73403, 74364

Risk Information


Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Patch Publication Date: 3/19/2015

Vulnerability Publication Date: 3/19/2015

Reference Information

CVE: CVE-2015-0292

BID: 73228