Birthday attack vulnerability in 3DES cipher as used in TLS protocol in OpenSSLID: oval:org.secpod.oval:def:36844 | Date: (C)2016-08-25 (M)2024-04-17 |
Class: VULNERABILITY | Family: unix |
The host is installed with OpenSSL or NSS and is prone to a birthday attack vulnerability. A flaw is present in 3DES cipher as used in TLS protocol, which fails to renegotiate running connections. Successful exploitation could allow attackers to recover partial plaintext information.
Platform: |
Red Hat Enterprise Linux 5 |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |
Product: |
nss |
gnutls |
openssl |
openssl097a |
openssl098e |