Firefox < 37.0.1 HTTP/2 Alt-Svc Header Certificate Verification Bypass
Medium Nessus Plugin ID 82583
SynopsisThe remote Windows host contains a web browser that is affected by a security bypass vulnerability.
DescriptionThe version of Firefox installed on the remote Windows host is prior to 37.0.1. It is, therefore, affected by an error related to the HTTP/2 'Alt-Svc' header and SSL certificate verification, which allows man-in-the-middle (MitM) attacks.
SolutionUpgrade to Firefox 37.0.1 or later.