FreeBSD : openssl -- crash on handshake (1a802ba9-f444-11e6-9940-b499baebfeaf)
Medium Nessus Plugin ID 97219
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe OpenSSL project reports :
Severity: High During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers are affected. This issue does not affect OpenSSL version 1.0.2.
SolutionUpdate the affected package.