Vulnerabilities > CVE-1999-0428 - Remote Security vulnerability in SSLeay
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
Nessus
| NASL family | Web Servers |
| NASL id | OPENSSL_0_9_2B.NASL |
| description | According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.2b. A remote attacker could reuse an SSL session under a different context and bypass access control mechanisms based on client certificates. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 17798 |
| published | 2012-01-12 |
| reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/17798 |
| title | OpenSSL < 0.9.2b Session Reuse |