OpenSSL ASN.1 Parser Multiple Remote DoS

Severity: High, Nessus Plugin ID 11875


Synopsis

The remote host is affected by a heap corruption vulnerability.


Description

The remote host seems to be running a version of OpenSSL that is older than 0.9.6k or 0.9.7c.

There is a heap corruption bug in this version that might be exploited by an attacker to execute arbitrary code on the remote host with the privileges of the remote service.


Solution

If you are running OpenSSL, upgrade to version 0.9.6k or 0.9.7c or newer.

Plugin Details

Severity: High

ID: 11875

File Name: ssltest.nasl

Version: 1.64

Type: remote

Family: Misc.

Published: 10/10/2003

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information


VPR

Risk Factor: Medium

Score: 6.7


CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SSL/Supported

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/30/2002

Reference Information

CVE: CVE-2003-0543, CVE-2003-0544, CVE-2003-0545, CVE-2005-1247, CVE-2005-1730

BID: 8732, 13359

CWE: 119

RHSA: 2003:291-01

SuSE: SUSE-SA:2003:043