[原文]webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.
Novell Nsure Audit webadmin.exe ASN.1 Message Parsing DoS
Remote / Network Access
Denial of Service
Loss of Availability
The 'webadmin.exe' service in Novell Nsure Audit contains a flaw that may allow a remote denial of service. The issue is triggered when parsing malformed ASN.1 messages. By sending a malformed ASN.1 message to the service, a remote attacker could cause the system to crash resulting in a loss of availability.
Upgrade to version 1.0.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.