Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.
OpenSSL
After scanning a website with 'Nessus'.
I found out that the website is, to quote
The remote host is using a version of OpenSSL which is
older than 0.9.6m or 0.9.7d
There are several bug in this version of OpenSSL which may allow
an attacker to cause a denial of service against the remote host.
Nessus solely relied on the banner of the remote host
to issue this warning
Solution: Upgrade to version 0.9.6m (0.9.7d) or newer
Risk Factor : High
CVE : CVE-2004-0079, CVE-2004-0081, CVE-2004-0112
BID : 9899
Other references : IAVA:2004-B-0006, OSVDB:4316, OSVDB:4317, OSVDB:4318
Plugin ID : 12110
The remote host is using a version of OpenSSL which is
older than 0.9.6j or 0.9.7b
This version is vulnerable to a timing based attack which may
allow an attacker to guess the content of fixed data blocks and
may eventually be able to guess the value of the private RSA key
of the server.
An attacker may use this implementation flaw to sniff the
data going to this host and decrypt some parts of it, as well
as impersonate your server and perform man in the middle attacks.
Nessus solely relied on the banner of the remote host
to issue this warning
See Also : http://www.openssl.org/news/secadv_20030219.txt
http://lasecwww.epfl.ch/memo_ssl.shtml
http://eprint.iacr.org/2003/052/
Solution: Upgrade to version 0.9.6j (0.9.7b) or newer
Risk Factor : Medium
CVE : CVE-2003-0078, CVE-2003-0131, CVE-2003-0147
BID : 6884, 7148
Other references : OSVDB:3945, OSVDB:3946, RHSA:RHSA-2003:101-01, SuSE:SUSE-SA:2003:024
Plugin ID : 11267
Port is open
Plugin ID : 11219
A web server is running on this port
Plugin ID : 10330
Is there anyway I can exploit this, or are there any articles I can read to help me.