Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as
used in NSS was vulnerable to a timing side-channel attack known as
the 'Lucky Thirteen' issue. A remote attacker could use this issue to
perform plaintext-recovery attacks via analysis of timing data.
Update the affected libnss3 and / or libnss3-1d packages.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 65572 ()
CVE ID: CVE-2013-1620