Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
OpenSSL is prone to a remote memory-corruption vulnerability.
Insight
Insight
An attacker can exploit this issue by supplying specially crafted structures to a vulnerable application that uses the affected library.
Affected Software
Affected Software
Versions of OpenSSL 0.9.8.h through 0.9.8n and OpenSSL 1.0.x prior to 1.0.0a are affected. Note that Cryptographic Message Syntax (CMS) functionality is only enabled by default in OpenSSL versions 1.0.x.
Detection Method
Detection Method
According to its banner the remote Webserver is using a version prior to OpenSSL 0.9.8o/1.0.0a which is vulnerable.
Solution
Solution
Updates are available. Please see the references for more information.