This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote SuSE 11 host is missing one or more security updates.
The TLS/SSLv3 protocol as implemented in openssl prior to this update
was not able to associate data to a renegotiated connection. This
allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS
session without being noticed. For example Apache's mod_ssl was
vulnerable to this kind of attack because it uses openssl. Please note
that renegotiation will be disabled by this update and may cause
problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)
See also :
Apply SAT patch number 1540.
Risk factor :
Medium / CVSS Base Score : 5.8