This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- The TLS implementation in Mozilla Network Security
Services (NSS) does not properly consider timing
side-channel attacks on a noncompliant MAC check
operation during the processing of malformed CBC
padding, which allows remote attackers to conduct
distinguishing attacks and plaintext-recovery attacks
via statistical analysis of timing data for crafted
packets, a related issue to CVE-2013-0169.
See also :
Upgrade to Solaris 184.108.40.206.0.
Risk factor :
Medium / CVSS Base Score : 4.3