The host is missing a security update according to Mozilla advisory, MFSA 2015-08. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder. Successful exploitation allows attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.