This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- OpenStack keystonemiddleware (formerly
python-keystoneclient) 0.x before 0.11.0 and 1.x before
1.2.0 disables certification verification when the
'insecure' option is set in a paste configuration
(paste.ini) file regardless of the value, which allows
remote attackers to conduct man-in-the-middle attacks
via a crafted certificate. (CVE-2014-7144)
See also :
Upgrade to Solaris 126.96.36.199.0.
Risk factor :
Medium / CVSS Base Score : 4.3