This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The default configuration of OpenSSL on the remote server uses a weak
According to its banner, the remote server is running a version of
OpenSSL that is earlier than 0.9.8.
The default configuration uses MD5 instead of a stronger hash
algorithm. An attacker could forge certificates.
If you never generate certificates on this machine, you may ignore
See also :
Upgrade to OpenSSL 0.9.8 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Web Servers
Nessus Plugin ID: 17759 ()
CVE ID: CVE-2005-2946