This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote host allows resuming SSL sessions with a different cipher
than the one originally negotiated.
The SSL implementation on the remote host has been shown to allow a
cipher other than the one originally negotiated when resuming a
session. An attacker that sees (e.g. by sniffing) the start of an SSL
connection may be able to manipulate session cache to cause subsequent
resumptions of that session to use a cipher chosen by the attacker.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now