This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
This plugin determines if the remote SSL certificate contains a Null
The remote host contains an SSL certificate with a common name
containing a Null character (\x00) in it. This may indicate a
compromise or that a program such as SSLsniff is spoofing the
certificate in order to intercept the traffic via a Man-in-The-Middle
Certificates with such characters may exploit a bug contained in many
different web browser and other SSL-related products, in how they
validate the common name of such a certificate.
See also :
Recreate the remote SSL certificate.
Risk factor :
High / CVSS Base Score : 8.3
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now