This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote web server is affected by multiple vulnerabilities.
According to its banner, the remote web server is running a version
of OpenSSL older than 0.9.8q or 1.0.0c. Such versions are potentially
affected by multiple vulnerabilities :
- It may be possible to downgrade the ciphersuite to a
weaker version by modifying the stored session cache
- An error exists in the J-PAKE implementation that could
lead to successful validation by someone with no
knowledge of the shared secret.
See also :
Upgrade to OpenSSL 0.9.8q / 1.0.0c or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false
Family: Web Servers
Nessus Plugin ID: 51058 ()
Bugtraq ID: 4516345164
CVE ID: CVE-2010-4180CVE-2010-4252
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.