This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote web server is affected by a signature forgery
According to its self-reported version, the Oracle iPlanet Web Server
(formerly known as Sun Java System Web Server) running on the remote
host is 7.0.x prior to 7.0.21. It is, therefore, affected by a flaw in
the Network Security Services (NSS) library due to improper parsing of
ASN.1 values in an RSA signature. A man-in-the-middle attacker, using
a crafted certificate, can exploit this to forge RSA signatures, such
as SSL certificates.
See also :
Upgrade to Oracle iPlanet Web Server 7.0.21 or later.
Risk factor :
High / CVSS Base Score : 8.8
CVSS Temporal Score : 7.3
Public Exploit Available : true