FreeBSD : socat -- diffie hellman parameter was not prime (a52a7172-c92e-11e5-96d6-14dae9d210b8)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

socat reports :

In the OpenSSL address implementation the hard-coded 1024 bit DH p
parameter was not prime. The effective cryptographic strength of a key
exchange using these parameters was weaker than the one one could get
by using a prime p. Moreover, since there is no indication of how
these parameters were chosen, the existence of a trapdoor that makes
possible for an eavesdropper to recover the shared secret from a key
exchange that uses them cannot be ruled out.

See also :

http://www.dest-unreach.org/socat/contrib/socat-secadv7.html
http://www.nessus.org/u?0a73626c

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 88513 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now