Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gain a shell remotely --> Category: infos

OpenSSL overflow via invalid certificate passing Vulnerability Scan

Vulnerability Scan Summary
Checks for the behavior of SSL

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote host is vulnerable to a heap corruption vulnerability.

Description :

The remote host seems to be running a version of OpenSSL which is older
than 0.9.6k or 0.9.7c.

There is a heap corruption bug in this version which might be exploited by an
attacker to execute arbitrary code on the remote host with the rights
of the remote service.

Solution :

If you are running OpenSSL, upgrade to version 0.9.6k or 0.9.7c or newer.

Threat Level:

Critical / CVSS Base Score : 10

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.