[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-429 ---- nss

ID: oval:org.secpod.oval:def:1600038Date: (C)2016-01-19   (M)2018-05-06
Class: PATCHFamily: unix




A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

Platform:
Amazon Linux AMI
Product:
nss
Reference:
ALAS-2014-429
CVE-2014-3566
CVE    1
CVE-2014-3566
CPE    2
cpe:/o:amazon:linux
cpe:/a:nss:network_security_services

© SecPod Technologies