This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
In an upcoming paper, Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge
Vaudenay (EPFL), and Martin Vuagnoux (EPFL, Ilion) describe and
demonstrate a timing-based attack on CBC ciphersuites in SSL and TLS.
New versions of openssl have been released in response to this
vulnerability (0.9.6i and 0.9.7a). The openssl released with
Linux-Mandrake 7.2 and Single Network Firewall 7.2 has been patched to
correct this issue.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0