FreeBSD : NSS -- RSA Signature Forgery (48108fb0-751c-4cbb-8f33-09239ead4b55)
High Nessus Plugin ID 77883
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Mozilla Project reports :
Antoine Delignat-Lavaud discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates.
SolutionUpdate the affected packages.