CATEGORY: Web Servers
RISK: Medium
ADDED: 28 Jan 2012

Synopsis:

The remote host may be affected by a denial of service vulnerability.

Description:

According to its banner, the remote web server is running OpenSSL version 1.0.0f. This version has a flaw in the fix for CVE-2011-4108 such that Datagram Transport Layer Security (DTLS) applications that use it are vulnerable to a denial of service attack.

See also:

http://www.openssl.org/news/secadv_20120118.txt
http://www.openssl.org/news/changelog.html

Solution:

Upgrade to OpenSSL 1.0.0g or later.

Risk factor:

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)