Nessus is potentially impacted by seven vulnerabilities in OpenSSL that were recently disclosed and fixed.

OpenSSL contains an invalid read flaw in the ASN1_TYPE_cmp() function in crypto/asn1/a_type.c that is triggered when an attempt is made to compare ASN.1 boolean types. This may allow a context-dependent attacker to crash an application linked against the library. (CVE-2015-0286)

OpenSSL contains a flaw in the ASN1_item_ex_d2i() function in crypto/asn1/tasn_dec.c. The issue is triggered as user-supplied input is not properly validated when reusing a structure in ASN.1 parsing. This may allow an attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code in an application linked against the library. (CVE-2015-0287)

OpenSSL contains a NULL pointer dereference flaw in the PKCS#7 parsing code that is triggered when handling missing outer ContentInfo. This may allow an attacker to cause a denial of service in an application linked against the library. (CVE-2015-0289)

OpenSSL contains a flaw that is triggered when handling a specially crafted SSLv2 CLIENT-MASTER-KEY message. This may allow a malicious client to cause an application linked against the library to abort. (CVE-2015-0293)

OpenSSL contains a NULL pointer dereference flaw in the X509_to_X509_REQ() function in crypto/x509/x509_req.c. With a specially crafted X.509 certificate, an attacker can crash an application linked against the library. (CVE-2015-0288)

OpenSSL contains a use-after-free condition in the d2i_ECPrivateKey() function in crypto/ec/ec_asn1.c that is triggered when encountering certain errors. This may allow a remote attacker to dereference or free already freed memory, crashing an application linked against the library. (CVE-2015-0209)

OpenSSL contains a flaw that is triggered when handling RSA temporary keys in a non-export RSA key exchange ciphersuite. This may allow a remote attacker to downgrade the security of a session to use EXPORT_RSA ciphers, which are significantly weaker than non-export ciphers. This may allow a man-in-the-middle attacker to more easily break the encryption and monitor or tamper with the encrypted stream. This issue has been dubbed 'FREAK'. (CVE-2015-0204)

OpenSSL contains a flaw that is triggered as the program accepts non-DER variations of certificate signature algorithm and signature encodings. Because the program does not enforce a match between the signature algorithm in the signed and unsigned portions of the certificate, a remote attacker can modify the contents of the signature algorithm or the encoding of the signature and change a certificate's fingerprint. This may allow the attacker to bypass certain features, such as certificate blacklists, of custom applications that rely on fingerprint uniqueness. (CVE-2014-8275)

OpenSSL contains an integer underflow condition in the EVP_DecodeUpdate() function in crypto/evp/encode.c that is triggered as Base64 encoded input is not properly validated when decoding. This may allow an attacker to cause a buffer overflow, crashing an application linked against the library or potentially executing arbitrary code. (CVE-2015-0292)

Notes and caveats:

Note that the associated CVSSv2 score represents the highest-scoring of the seven issues.

Nessus is affected by CVE-2015-0204, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, and CVE-2015-0293.

The Tenable Appliance is affected by CVE-2015-0204, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2014-8275, and CVE-2015-0292.

SecurityCenter is affected by CVE-2015-0286.

Tenable strongly recommends that products be installed on a subnet that is not Internet addressable.
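
For the CVE-2014-8275 entry above, the following added example (not from Tenable or OpenSSL) shows why a fingerprint blacklist needs strict DER: it flags non-minimal ASN.1 length encodings, one kind of non-DER variation, and re-encodes to DER before hashing. The function names and the sample bytes are constructed for illustration, and the parser assumes single-octet tags.

```python
import hashlib

def read_tlv(buf, off):
    """Read one ASN.1 TLV at off (single-octet tags assumed, illustration only).
    Returns (tag, value, next_off, length_is_minimal)."""
    if off + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[off], buf[off + 1]
    off += 2
    minimal = True
    if first < 0x80:                       # short form
        length = first
    elif first == 0x80:                    # indefinite length exists only in BER
        raise ValueError("indefinite length is not DER")
    else:                                  # long form: next n octets hold the length
        n = first & 0x7F
        raw = buf[off:off + n]
        if len(raw) != n:
            raise ValueError("truncated length")
        length = int.from_bytes(raw, "big")
        off += n
        minimal = length >= 0x80 and raw[0] != 0   # DER demands the shortest form
    if off + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[off:off + length], off + length, minimal

def der_length(n):
    if n < 0x80:
        return bytes([n])
    size = (n.bit_length() + 7) // 8
    return bytes([0x80 | size]) + n.to_bytes(size, "big")

def walk(buf):
    """Return (all_lengths_minimal, der_reencoding) for a run of TLVs."""
    ok, out, off = True, b"", 0
    while off < len(buf):
        tag, value, off, minimal = read_tlv(buf, off)
        if tag & 0x20:                     # constructed type: check the children too
            child_ok, value = walk(value)
            minimal = minimal and child_ok
        ok = ok and minimal
        out += bytes([tag]) + der_length(len(value)) + value
    return ok, out

def fingerprint(buf):
    return hashlib.sha256(buf).hexdigest()

# Constructed sample: AlgorithmIdentifier for sha256WithRSAEncryption, in DER,
# and the same content with the outer length in long form (0x81 0x0d).
DER = bytes.fromhex("300d06092a864886f70d01010b0500")
BER = bytes.fromhex("30810d06092a864886f70d01010b0500")
```

A blacklist keyed on `fingerprint(walk(data)[1])`, or one that rejects input when `walk(data)[0]` is false, treats both sample encodings as the same object.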