[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2016-0007 -- Oracle nss

ID: oval:org.secpod.oval:def:1501297Date: (C)2016-02-05   (M)2024-01-29
Class: PATCHFamily: unix




A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.

Platform:
Oracle Linux 7
Product:
nss
Reference:
ELSA-2016-0007
CVE-2015-7575
CVE    1
CVE-2015-7575
CPE    2
cpe:/a:nss:network_security_services
cpe:/o:oracle:linux:7

© SecPod Technologies