Scientific Linux Security Update : nss on SL5.x, SL6.x i386/x86_64
High Nessus Plugin ID 77957
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568)
After installing this update, applications using NSS must be restarted for this update to take effect.
SolutionUpdate the affected packages.