Amazon Linux AMI : nss (ALAS-2017-848)
Medium Nessus Plugin ID 101001
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionNULL pointer dereference when handling empty SSLv2 messages :
A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)
SolutionRun 'yum update nss' to update your system.