This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
The TLS/SSLv3 protocol as implemented in openssl prior to this update
was not able to associate data to a renegotiated connection. This
allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS
session without being noticed. For example Apache's mod_ssl was
vulnerable to this kind of attack because it uses openssl. Please note
that renegotiation will be disabled by this update and may cause
problems in some cases. (CVE-2009-3555: CVSS v2 Base Score: 6.4)
See also :
Update the affected compat-openssl097g packages.
Risk factor :
Medium / CVSS Base Score : 5.8