This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Matthias Andree reports :
Fetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL)
which contains a switch to disable a countermeasure against certain
attacks against block ciphers that permit guessing the initialization
vectors, providing that an attacker can make the application
(fetchmail) encrypt some data for him -- which is not easily the case.
Stream ciphers (such as RC4) are unaffected.
Credits to Apple Product Security for reporting this.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.3