OpenSSL 1.0.1 < 1.0.1s / 1.0.2 < 1.0.2g RCE

critical Nessus Network Monitor Plugin ID 9466

Synopsis

The remote web server is running an outdated instance of OpenSSL that is affected by a remote code execution (RCE) vulnerability.

Description

According to its banner, the version of OpenSSL on the remote host is 1.0.2 prior to 1.0.2g or 1.0.1 prior to 1.0.1s. It is therefore affected by a flaw in the 'doapr_outch()' function within 'crypto/bio/b_print.c'. The flaw is triggered when a memory allocation fails, because the function's return value has no way to signal this error to the calling function. This may allow a context-dependent attacker to corrupt memory and crash a process linked against the library, or potentially execute arbitrary code.

Solution

Upgrade OpenSSL to version 1.0.2g or higher. If 1.0.2 cannot be obtained, 1.0.1s has also been patched for this vulnerability.
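
The banner comparison described above, as an added example (not Tenable's plugin code): it pulls the OpenSSL token out of a Server header and compares its letter suffix with the fixed releases named in the Solution. The function names and the sample banners are constructed for illustration.

```python
import re

# First fixed release on each affected branch, as stated in the Solution text.
FIXED = {"1.0.1": "s", "1.0.2": "g"}

# OpenSSL token as it appears in a Server header, e.g. "OpenSSL/1.0.2f"
# or "OpenSSL/1.0.1e-fips": numeric branch plus an optional letter suffix.
_TOKEN = re.compile(r"OpenSSL/(\d+\.\d+\.\d+)([a-z]{0,2})", re.IGNORECASE)


def parse_openssl_version(banner):
    """Return (branch, letters) from a banner, or None if no OpenSSL token."""
    match = _TOKEN.search(banner)
    if match is None:
        return None
    return match.group(1), match.group(2).lower()


def _patch_rank(letters):
    # Letter releases order as "" < "a" < ... < "z" < "za" < ...,
    # so compare by suffix length first, then alphabetically.
    return (len(letters), letters)


def is_affected(banner):
    """True/False for a parsed banner, None when no version is advertised."""
    parsed = parse_openssl_version(banner)
    if parsed is None:
        return None
    branch, letters = parsed
    fixed = FIXED.get(branch)
    if fixed is None:
        return False  # branch is outside the range this plugin covers
    return _patch_rank(letters) < _patch_rank(fixed)


if __name__ == "__main__":
    # Constructed sample banners, not captured from a real host.
    samples = [
        "Apache/2.4.18 (Unix) OpenSSL/1.0.2f PHP/5.6.20",
        "Apache/2.4.18 (Unix) OpenSSL/1.0.2g",
        "Apache/2.2.15 (CentOS) OpenSSL/1.0.1e-fips",
        "nginx/1.10.0",
    ]
    for banner in samples:
        print(f"{banner!r}: affected={is_affected(banner)}")
```

A banner match reflects only the advertised version string. Distribution packages that backport the fix keep the older upstream version, so confirm a finding against the vendor's package changelog.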

See Also

https://www.openssl.org/news/secadv/20160301.txt

Plugin Details

Severity: Critical

ID: 9466

Family: Web Servers

Published: 8/5/2016

Updated: 3/6/2019

Nessus ID: 91541

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:openssl:openssl

Patch Publication Date: 3/1/2015

Vulnerability Publication Date: 2/25/2015

Reference Information

CVE: CVE-2016-2842