Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as
used in GnuTLS was vulnerable to a timing side-channel attack known as
the 'Lucky Thirteen' issue. A remote attacker could use this issue to
perform plaintext-recovery attacks via analysis of timing data.
Update the affected libgnutls13 and / or libgnutls26 packages.
Risk factor :
Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : false