The host is installed with OpenSSL 1.1.0 before 1.1.0c and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle TLS connections. Successful exploitation allows remote attackers to crash OpenSSL.