This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
It was discovered that Axis incorrectly extracted the host name from
an X.509 certificate subject's Common Name (CN) field. A
man-in-the-middle attacker could use this flaw to spoof an SSL server
using a specially crafted X.509 certificate. (CVE-2014-3596)
Applications using Apache Axis must be restarted for this update to
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.8