The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.gnu.org/software/gnutls/security.html http://lists.gnu.org/archive/html/gnutls-devel/2008-11/msg00017.html http://www.vuxml.org/freebsd/45298931-b3bf-11dd-80f8-001cc0377035.html

The following package is affected: gnutls CVE-2008-4989 The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN).