This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote AIX host is missing a security patch.
"sendmail before 8.14.4 does not properly handle a '\0' character in a
Common Name (CN) field of an X.509 certificate, which (1) allows
man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers
via a crafted server certificate issued by a legitimate Certification
Authority, and (2) allows remote attackers to bypass intended access
restrictions via a crafted client certificate issued by a legitimate
Certification Authority, a related issue to CVE-2009-2408."
Install the appropriate interim fix.
Risk factor : High / CVSS Base Score : 7.5
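
The embedded-'\0' handling described above, as an added example (not Tenable's plugin code and not sendmail's source): a CN compared as a C string next to a length-aware comparison that rejects an embedded NUL. The struct, the function names and the host names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* A certificate CN is a length-delimited ASN.1 string: bytes plus a length.
   (Hypothetical struct; real code gets both from the X.509 library.) */
struct cn { const char *data; size_t len; };

/* Before: the CN is treated as a C string, so comparison stops at the
   first '\0' and everything after it is silently ignored. */
int cn_matches_cstring(const struct cn *cn, const char *expected)
{
    return strcasecmp(cn->data, expected) == 0;
}

/* After: a CN containing '\0' anywhere inside its declared length is
   refused, and the comparison covers the full declared length. */
int cn_matches_checked(const struct cn *cn, const char *expected)
{
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                      /* embedded NUL: reject outright */
    if (cn->len != strlen(expected))
        return 0;                      /* lengths must agree exactly */
    return strncasecmp(cn->data, expected, cn->len) == 0;
}

/* Constructed sample values, not taken from any real certificate. */
static const char nul_cn_bytes[] = "mail.example.com\0.other.example";
const struct cn nul_cn   = { nul_cn_bytes, sizeof nul_cn_bytes - 1 };
const struct cn clean_cn = { "mail.example.com", 16 };

int main(void)
{
    const char *host = "mail.example.com";
    printf("NUL CN,   C-string compare: %d\n", cn_matches_cstring(&nul_cn, host));
    printf("NUL CN,   checked compare:  %d\n", cn_matches_checked(&nul_cn, host));
    printf("clean CN, checked compare:  %d\n", cn_matches_checked(&clean_cn, host));
    return 0;
}
```

The same length-versus-strlen check is useful when auditing other TLS clients and servers for the related issue the description names.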