According to its banner, the version of OpenSSL on the remote host is 1.0.1 prior to 1.0.1t, or 1.0.2 prior to 1.0.2h. It is therefore affected by the following vulnerabilities:
- A flaw exists in ‘crypto/asn1/a_d2i_fp.c’, which is triggered during the handling of large length fields in ASN.1 BIO. This may allow a remote attacker to exhaust memory resources, potentially crashing a process linked against the library.
- A flaw exists in the ‘aesni_cbc_hmac_sha1_cipher()’ function in ‘crypto/evp/e_aes_cbc_hmac_sha1.c’ and the ‘aesni_cbc_hmac_sha256_cipher()’ function in ‘crypto/evp/e_aes_cbc_hmac_sha256.c’. The issue is triggered when a connection uses an AES CBC cipher and AES-NI is supported by the server. This may allow a MitM (Man-in-the-Middle) attacker to conduct a padding oracle attack to potentially decrypt traffic.
- A flaw exists in the ‘X509_NAME_oneline()’ function in ‘crypto/x509/x509_obj.c’ that is triggered when handling overly long ASN1 strings. This may allow a remote attacker to potentially disclose arbitrary stack memory contents.
- An overflow condition in the ‘EVP_EncryptUpdate()’ function in ‘crypto/evp/evp_enc.c’ is triggered when handling a large amount of input data after a previous call to the same function with a partial block. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially resulting in the execution of arbitrary code.
- An overflow condition in the ‘EVP_EncodeUpdate()’ function in ‘crypto/evp/encode.c’ is triggered when handling a large amount of input data. This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially resulting in the execution of arbitrary code.
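
The banner comparison this finding relies on, as an added example (not the scanner's own code): it pulls the OpenSSL token out of a banner and compares its patch letter against the fixed releases 1.0.1t and 1.0.2h named above. The function names and sample banners are constructed for illustration; a banner cannot show vendor-backported fixes, so an "affected" result should be confirmed against the installed package.

```python
import re

# Fixed releases named in this finding, keyed by OpenSSL branch.
FIXED = {"1.0.1": "t", "1.0.2": "h"}

# Matches "OpenSSL/1.0.1s" (HTTP Server header style) and "OpenSSL 1.0.2g"
# (`openssl version` style). The letter suffix is the patch level; a trailing
# tag such as "-fips" is ignored.
VERSION_RE = re.compile(r"OpenSSL[/ ](\d+\.\d+\.\d+)([a-z]{0,2})")


def patch_rank(letters):
    """Sort key for patch letters: '' < 'a' < ... < 'z' < 'za' < 'zb'."""
    return (len(letters), letters)


def classify(banner):
    """Return (version, verdict) for one banner string.

    verdict is 'affected', 'not affected', 'out of scope' (a branch this
    finding does not cover) or 'unknown' (no OpenSSL token in the banner).
    """
    m = VERSION_RE.search(banner)
    if m is None:
        return (None, "unknown")
    branch, letters = m.groups()
    version = branch + letters
    if branch not in FIXED:
        return (version, "out of scope")
    if patch_rank(letters) < patch_rank(FIXED[branch]):
        return (version, "affected")
    return (version, "not affected")


# Constructed sample banners (not taken from any real host).
SAMPLES = [
    "Server: Apache/2.4.18 (Unix) OpenSSL/1.0.1s",
    "Server: Apache/2.2.15 (CentOS) OpenSSL/1.0.1e-fips",
    "OpenSSL 1.0.2h  3 May 2016",
    "Server: nginx/1.10.0",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(classify(banner), "<-", banner)
```
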