Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.Install Now
Available for macOS, Windows, and Linux
OpenSSL Encrypt-Then-Mac Extension Denial of Service Vulnerability (Windows)
Denial of Service
6 years ago
4 years ago
This host is running OpenSSL and is prone to denial of service vulnerability.
The flaw exists, during a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite).
OpenSSL version 1.1.0 on Windows
Checks if a vulnerable version is present on the target host.
Upgrade to OpenSSL version 1.1.0e or later.