FreeBSD : mozilla -- hostname spoofing bug (5360a659-131c-11d9-bc4a-000c41e2cdad)
High Nessus Plugin ID 18934
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionWhen processing URIs that contain an unqualified host name-- specifically, a domain name of only one component-- Mozilla will perform matching against the first component of the domain name in SSL certificates. In other words, in some situations, a certificate issued to 'www.example.com' will be accepted as matching 'www'.
SolutionUpdate the affected packages.