F5 Networks BIG-IP : OpenSSL vulnerability (K51920288)
Medium Nessus Plugin ID 94766
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionInteger overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. (CVE-2016-2105)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K51920288.