[Forgot Password]
Login  Register Subscribe

24002

 
 

127027

 
 

102010

 
 

909

 
 

81374

 
 

133

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-429 ---- nss

ID: oval:org.secpod.oval:def:1600038Date: (C)2016-01-19   (M)2018-02-19
Class: PATCHFamily: unix




A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

Platform:
Amazon Linux AMI
Product:
nss
Reference:
ALAS-2014-429
CVE-2014-3566
CVE    1
CVE-2014-3566
CPE    135
cpe:/a:nss:network_security_services
cpe:/o:amazon:linux
cpe:/o:debian:debian_linux:7.0
cpe:/a:openssl:openssl:1.0.1:beta1
...

© 2013 SecPod Technologies