[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2014-429 ---- nss

ID: oval:org.secpod.oval:def:1600038Date: (C)2016-01-19   (M)2017-11-10
Class: PATCHFamily: unix




A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

Platform:
Amazon Linux AMI
Product:
nss
Reference:
ALAS-2014-429
CVE-2014-3566
CVE    1
CVE-2014-3566
CPE    135
cpe:/a:nss:network_security_services
cpe:/o:amazon:linux
cpe:/a:openssl:openssl:1.0.0n
cpe:/a:openssl:openssl:1.0.0m
...

© 2013 SecPod Technologies