- Home
- CVEs with nessus.description==According to its banner, the remote server is running a version of OpenSSL prior to 0.9.8k. It is, therefore, affected by multiple vulnerabilities :
- A denial of service vulnerability exists in the ASN1_STRING_print_ex() function due to improper string handling. A remote attacker can exploit this to cause an invalid memory access and application crash.
(CVE-2009-0590)
- A flaw exists in the CMS_verify() function due to improper handling of errors associated with malformed signed attributes. A remote attacker can exploit this to repudiate a signature that originally appeared to be valid but was actually invalid. (CVE-2009-0591)
- A denial of service vulnerability exists due to improper handling of malformed ASN.1 structures. A remote attacker can exploit this to cause an invalid memory access and application crash. (CVE-2009-0789)
- A memory leak exists in the SSL_free() function in ssl_lib.c. A remote attacker can exploit this to exhaust memory resources, resulting in a denial of service condition. (CVE-2009-5146)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top