The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.openssl.org/news/secadv_20120419.txt http://marc.info/?l=full-disclosure&m=133483221408243 http://www.vuxml.org/freebsd/7184f92e-8bb8-11e1-8d7b-003067b2972c.html

The following package is affected: openssl CVE-2012-2110 The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.