32 matches found
MiracleLinux 8 : nspr-4.32.0-1.el8, nss-3.67.0-6.el8 (AXSA:2021-2445:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2445:02 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
MiracleLinux 4 : nss-3.44.0-7.0.1.AXS4 (AXSA:2021-1747:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1747:04 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
CLSA-2025-1760112150 nss: Fix of CVE-2020-25648
CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests...
nss: Fix of CVE-2020-25648
CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests...
CLSA-2025-1760106204 nss: Fix of CVE-2020-25648
CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests...
Alibaba Cloud Linux 3 : 0071: nss and nspr (ALINUX3-SA-2021:0071)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0071 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25648: A flaw was found in the way NSS...
CentOS 7 : nss (RHSA-2021:1384)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1384 advisory. - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...
Debian dla-3634 : libnss3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3634 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3634-1 [email protected]...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2023-1713)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2022-0098)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denia...
USN-5410-1: NSS vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service...
Ubuntu 18.04 LTS / 20.04 LTS : NSS vulnerability (USN-5410-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5410-1 advisory. Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NS...
NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Vulnerability (NS-SA-2022-0005)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by a vulnerability: - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...
NewStart CGSL CORE 5.05 / MAIN 5.05 : nss Vulnerability (NS-SA-2022-0030)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss packages installed that are affected by a vulnerability: - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...
AlmaLinux 8 : nss and nspr (ALSA-2021:3572)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3572 advisory. - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...
Rocky Linux 8 : nss and nspr (RLSA-2021:3572)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3572 advisory. - A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a...
Moderate: nss and nspr security, bug fix, and enhancement update
Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. The following packages have been upgrad...
CentOS 8 : nss and nspr (CESA-2021:3572)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3572 advisory. - nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Note that Nessus has not tested for this issue but has instead relied only on the application's...
Medium: nss
Issue Overview: A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system...
Amazon Linux AMI : nss (ALAS-2021-1518)
The version of nss installed on the remote host is prior to 3.53.1-7.85. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1518 advisory. A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multipl...