The host is installed with OpenSSL 1.0.x before 1.0.0e and is prone to denial of service vulnerability. A flaw is present in the application, which does not initialize certain structure members. Successful exploitation makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.