This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
The MITRE CVE database describes CVE-2011-3207 as :
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not
initialize certain structure members, which makes it easier for remote
attackers to bypass CRL validation by using a nextUpdate value
corresponding to a time in the past.
See also :
Run 'yum upgrade openssl' to upgrade your system.
Risk factor :
Medium / CVSS Base Score : 5.0