This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote Fedora Core host is missing a security update.
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.
Daniel Bleichenbacher recently described an implementation error in
RSA signature verification. For RSA keys with exponent 3 it is
possible for an attacker to forge a signature that which would be
incorrectly verified by the NSS library. (CVE-2006-4340)
All users of NSS, which includes users of Firefox, Thunderbird,
SeaMonkey, and other mozilla.org products, are recommended to update
to this package, which contains NSS version 3.11.3 which is not
vulnerable to this issue.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected packages.
Risk factor :
Family: Fedora Local Security Checks
Nessus Plugin ID: 24182 (fedora_2006-979.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now