OpenSSL SSL 2.0 rollback (weak cryptography)
Active man-in-the-middle attacker can force rollback to SSL 2.0 protocol with known cryptographic weakness for both client and server if SSLOPMSIESSLV2RSAPADDING or SSLOPALL configuration option is enabled...