Amazon Linux AMI : nss-softokn (ALAS-2014-423)
High Nessus Plugin ID 78366
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.
SolutionRun 'yum update nss-softokn' to update your system.