FreeBSD : mbedTLS/PolarSSL -- SLOTH attack on TLS 1.2 server authentication (4084168e-b531-11e5-a98c-0011d823eebd)
High Nessus Plugin ID 87789
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionARM Limited reports :
MD5 handshake signatures in TLS 1.2 are vulnerable to the SLOTH attack on TLS 1.2 server authentication. They have been disabled by default.
Other attacks from the SLOTH paper do not apply to any version of mbed TLS or PolarSSL.
SolutionUpdate the affected packages.