This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
This plugin determines if the remote SSL certificate contains a Null
The remote host contains an SSL certificate with a common name
containing a Null character (\x00) in it. This may indicate a
compromise or that a program such as SSLsniff is spoofing the
certificate in order to intercept the traffic via a Man-in-The-Middle
Certificates with such characters may exploit a bug contained in many
different web browser and other SSL-related products, in how they
validate the common name of such a certificate.
See also :
Recreate the remote SSL certificate.
Risk factor :
High / CVSS Base Score : 8.3
Nessus Plugin ID: 42053 ()
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.