Fedora Core 5 : nss-3.11.3-0.5.fc5 (2006-979)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora Core host is missing a security update.

Description :

Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.

Daniel Bleichenbacher recently described an implementation error in
RSA signature verification. For RSA keys with exponent 3 it is
possible for an attacker to forge a signature that which would be
incorrectly verified by the NSS library. (CVE-2006-4340)

All users of NSS, which includes users of Firefox, Thunderbird,
SeaMonkey, and other mozilla.org products, are recommended to update
to this package, which contains NSS version 3.11.3 which is not
vulnerable to this issue.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?67f30053

Solution :

Update the affected packages.

Risk factor :

High

Family: Fedora Local Security Checks

Nessus Plugin ID: 24182 (fedora_2006-979.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now