Summary
This host is installed with OpenSSL and is prone to Multiple Vulnerabilities.
Impact
Successful exploitation will let the attacker cause memory access violation, security bypass or can cause denial of service.
Solution
Upgrade to OpenSSL version 0.9.8k
http://openssl.org
Insight
- error exists in the 'ASN1_STRING_print_ex()' function when printing 'BMPString' or 'UniversalString' strings which causes invalid memory access violation.
- 'CMS_verify' function incorrectly handles an error condition when processing malformed signed attributes.
- error when processing malformed 'ASN1' structures which causes invalid memory access violation.
Affected
OpenSSL version prior to 0.9.8k on all running platform.
References
Severity
Classification
-
CVE CVE-2009-0590, CVE-2009-0591, CVE-2009-0789 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities