F5 Networks BIG-IP : OpenSSL vulnerability (K75152412)
Critical Nessus Plugin ID 93841
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the 'negative zero' issue.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K75152412.