This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Michal Trojnara reports :
64-bit versions of stunnel with the following conditions : * NTLM
authentication enabled * CONNECT protocol negotiation enabled *
Configured in SSL client mode * An attacker that can either control
the proxy server specified in the 'connect' option or execute MITM
attacks on the TCP session between stunnel and the proxy
Can be exploited for remote code execution. The code is executed
within the configured chroot directory, with privileges of the
configured user and group.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 6.6