This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
OpenSSL reports :
During certificate verification, OpenSSL (starting from version 1.0.1n
and 1.0.2b) will attempt to find an alternative certificate chain if
the first attempt to build such a chain fails. An error in the
implementation of this logic can mean that an attacker could cause
certain checks on untrusted certificates to be bypassed, such as the
CA flag, enabling them to use a valid leaf certificate to act as a CA
and 'issue' an invalid certificate.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.4