How to exploit gain root of OpenSSL?



I am looking for a way to exploit (not dos) and gain root, if possible to an old version of OpenSSL. Nessus results are:
The remote host seems to be running a version of OpenSSL which is older than 0.9.6k or 0.9.7c.

Does anyone have any suggestions?

Thanks,
sparky

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



Relevant Pages

  • Re: nikto problems
    ... i noticed this problem a few weeks ago after some upgrades of openssl. ... i think libwhisker have some problems with the changes done in openssl. ... D: - Request Hash: ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: How to exploit gain root of OpenSSL?
    ... The remote host seems to be running a version of OpenSSL which is older than ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ...
    (Pen-Test)
  • Re: How to exploit gain root of OpenSSL?
    ... The remote host seems to be ... running a version of OpenSSL which is older than 0.9.6k or 0.9.7c. ... Spawns a nobody/apache shell on Apache, root on other servers. ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Source Installation of Nessus 2.0.8a on SuSE Linux
    ... the Nessus security scanner. ... I have documentation on how to install the latest version from source ... OpenSSL, even though the OpenSSL lib directory is in my ... I have installed Nessus 1.2.3 off the SuSE LINUX 8.1 DVD and it seems ...
    (comp.security.unix)