Summary
OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference.
According to its banner, OVS has discovered that the remote Webserver is using a version prior to OpenSSL 0.9.8n which is vulnerable.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
OpenSSL versions 0.9.8m and prior are vulnerable.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-0433 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities