F5 Networks BIG-IP : OpenSSL vulnerability (K36488941)
Medium Nessus Plugin ID 94985
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionInteger overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. (CVE-2016-2106)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K36488941.