Detections
Analytics
OpenSSL < 0.9.8za / 1.0.0m / 1.0.1h Integer Underflow Vulnerability
high Log Correlation Engine Plugin ID 801938
Synopsis
The remote web server is affected by multiple vulnerabilities.Description
The remote host is running a version of OpenSSL which is vulnerable to an integer underflow that allows remote attackers to cause a denial of service or possibly have unspecified other impact via buffer overflow.Solution
Upgrade to OpenSSL 0.9.8za, 1.0.0m, 1.0.1h, or later.See Also
https://www.imperialviolet.org/2014/06/05/earlyccs.html
http://openssl.org/news/secadv_20150319.txt
http://ccsinjection.lepidum.co.jp/
http://www.openssl.org/news/vulnerabilities.html#CVE-2015-0292
Plugin Details
Severity: High
ID: 801938
Family: Web Servers
Published: 3/19/2015
Nessus ID: 74363, 73403, 74364
Vulnerability Information
Patch Publication Date: 3/19/2015
Vulnerability Publication Date: 3/19/2015
Reference Information
CVE: CVE-2015-0292
BID: 73228