OpenSSL < 0.9.8za / 1.0.0m / 1.0.1h Integer Underflow Vulnerability

High Log Correlation Engine Plugin ID 801938


The remote web server is affected by multiple vulnerabilities.


The remote host is running a version of OpenSSL which is vulnerable to an integer underflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via buffer overflow.


Upgrade to OpenSSL 0.9.8za, 1.0.0m, 1.0.1h, or later.

See Also

Plugin Details

Severity: High

ID: 801938

Family: Web Servers

Published: 2015/03/19

Nessus ID: 74363, 73403, 74364

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2015/03/19

Vulnerability Publication Date: 2015/03/19

Reference Information

CVE: CVE-2015-0292

BID: 73228