FreeBSD : OpenSSL -- Cache timing vulnerability (8f353420-4197-11e8-8777-b499baebfeaf)
Medium Nessus Plugin ID 109066
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe OpenSSL project reports :
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.
SolutionUpdate the affected packages.