This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
strongSwan security team reports :
If the openssl plugin is used for ECDSA signature verification an
empty, zeroed or otherwise invalid signature is handled as a
legitimate one. Both IKEv1 and IKEv2 are affected.
Affected are only installations that have enabled and loaded the
OpenSSL crypto backend (--enable-openssl). Builds using the default
crypto backends are not affected.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.9