This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
OpenSAML developer reports :
The Shibboleth software relies on the OpenSAML libraries to perform
verification of signed XML messages such as attribute queries or SAML
assertions. Both the Java and C++ versions are vulnerable to a
so-called 'wrapping attack' that allows a remote, unauthenticated
attacker to craft specially formed messages that can be successfully
verified, but contain arbitrary content.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 5.8