The host is installed with OpenSSL 0.9.8f or 0.9.8g and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference. Successful exploitation could allow remote attackers to cause a denial of service (crash).