OracleVM 3.3 : nss (OVMSA-2016-0003)

Medium Nessus Plugin ID 87802


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates :

- Added nss-vendor.patch to change vendor

- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol

- Resolves: Bug 1289881


Update the affected nss / nss-sysinit / nss-tools packages.

See Also

Plugin Details

Severity: Medium

ID: 87802

File Name: oraclevm_OVMSA-2016-0003.nasl

Version: $Revision: 2.2 $

Type: local

Published: 2016/01/08

Modified: 2017/02/14

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:nss, p-cpe:/a:oracle:vm:nss-sysinit, p-cpe:/a:oracle:vm:nss-tools, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Patch Publication Date: 2016/01/07