Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSL 'bn_wexpand()' Multiple Vulnerabilities (Windows)
Information
Severity
Severity
Critical
Family
Family
General
CVSSv2 Base
CVSSv2 Base
10.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
14 years ago
Modified
Modified
5 years ago
Summary
This host is installed with OpenSSL and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are due to error in 'bn_wexpand()' function which does not check for a NULL return value when called in 'crypto/bn/bn_div.c', 'crypto/bn/bn_gf2m.c', 'crypto/ec/ec2_smpl.c', and 'engines/e_ubsec.c'.
Affected Software
Affected Software
OpenSSL version prior to 0.9.8m on Windows.
Solution
Solution
Upgrade to version 0.9.8m or later.