This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Amazon Linux AMI host is missing a security update.
A missing bounds check was found in the way OpenSSL handled TLS
heartbeat extension packets. This flaw could be used to reveal up to
64k of memory from a connected client or server.
See also :
Run 'yum update openssl' to update your system and restart all
services that are using openssl.
While the new package is still
named openssl-1.0.1e, it does contain the fix for CVE-2014-0160.
Risk factor :
High / CVSS Base Score : 9.4
Public Exploit Available : true
Family: Amazon Linux Local Security Checks
Nessus Plugin ID: 73438 ()
CVE ID: CVE-2014-0160