mickem / nscp

NSClient++
http://nsclient.org
GNU General Public License v2.0
235 stars 91 forks source link

NSClient++ Having Multiple Security Vulnerabilities #725

Closed ext-im closed 3 years ago

ext-im commented 3 years ago

Issue and Steps to Reproduce

Describe your issue and tell us how to reproduce it.

When we performed a scan using Nessus, we discovered that NSClient++ has multiple security vulnerabilities. We are still using the latest version of NSClient, which is 0.5.2.35.

Expected Behavior

Can someone provide a solution for how to fix these vulnerabilities?

Actual Behavior

1) SSL Medium Strength Cipher Suites Supported (SWEET32)
2) HIGH SSL Certificate Signed Using Weak Hashing Algorithm
3) SSL Certificate Cannot Be Trusted
4) SSL Self-Signed Certificate
5) OpenSSL AES-NI Padding Oracle MitM Information Disclosure

Details

Additional Details

CVE-2004-2761: https://www.tenable.com/plugins/nessus/35291
CVE-2016-2183: https://www.tenable.com/plugins/nessus/42873
https://www.tenable.com/plugins/nessus/51192
https://www.tenable.com/plugins/nessus/57582
CVE-2016-2107: https://www.tenable.com/plugins/nessus/91572


ext-im commented 3 years ago

image

ext-im commented 3 years ago

image image image image image

I have posted all the output that was flagged by the Nessus scanning tool. These were the security vulnerabilities listed for the current version of NSClient++. Is it possible to fix these vulnerabilities?