This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote server is affected by a certificate validation
According to its banner, the remote server is running a version of
OpenSSL that is earlier than 0.9.7.
Such versions do not verify the Basic Constraint for some
certificates. A remote attacker could perform a man-in-the-middle
Details on this weakness are missing. It is related to CVE-2002-0970.
OpenSSL 0.9.6 was reported as 'probably' vulnerable.
See also :
Upgrade to OpenSSL 0.9.7 or later.
Risk factor :
High / CVSS Base Score : 7.5
Family: Web Servers
Nessus Plugin ID: 17751 ()
CVE ID: CVE-2009-0653