This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.
The default configuration of OpenSSL on the remote server uses a weak
According to its banner, the remote server is running a version of
OpenSSL that is earlier than 0.9.8.
The default configuration uses MD5 instead of a stronger hash
algorithm. An attacker could forge certificates.
If you never generate certificates on this machine, you may ignore
See also :
Upgrade to OpenSSL 0.9.8 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : false