logo
DATABASE RESOURCES PRICING ABOUT US

OpenSSL 1.0.1 < 1.0.1e Information Disclosure

Description

According to its banner, the remote web server is running a version of OpenSSL 1.0.1 prior to 1.0.1e. The OpenSSL library is, therefore, reportedly affected by an incomplete fix for CVE-2013-0169. An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.


Related