USN-1007-1 -- nss vulnerabilitiesID: oval:org.secpod.oval:def:700193 | Date: (C)2011-01-28 (M)2021-11-07 |
Class: PATCH | Family: unix |
Richard Moore discovered that NSS would sometimes incorrectly match an SSL certificate which had a Common Name that used a wildcard followed by a partial IP address. While it is very unlikely that a Certificate Authority would issue such a certificate, if an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Nelson Bolyard discovered a weakness in the Diffie-Hellman Ephemeral mode key exchange implementation which allowed servers to use a too small key length
Platform: |
Ubuntu 8.04 |
Ubuntu 10.10 |
Ubuntu 10.04 |
Ubuntu 9.04 |
Ubuntu 9.10 |