This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x
before 3.2.12 does not properly handle unspecified
errors when verifying X.509 certificates from SSL
servers, which allows man-in-the-middle attackers to
spoof servers via a crafted certificate. (CVE-2014-0092)
See also :
Upgrade to Solaris 18.104.22.168.0.
Risk factor :
Medium / CVSS Base Score : 5.8