This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
PolarSSL team reports :
During the parsing of a ASN.1 sequence, a pointer in the linked list
of asn1_sequence is not initialized by asn1_get_sequence_of(). In case
an error occurs during parsing of the list, a situation is created
where the uninitialized pointer is passed to polarssl_free().
This sequence can be triggered when a PolarSSL entity is parsing a
certificate. So practically this means clients when receiving a
certificate from the server or servers in case they are actively
asking for a client certificate.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5