NSS vulnerability

2013-03-14T00:00:00
ID USN-1763-1
Type ubuntu
Reporter Ubuntu
Modified 2013-03-14T00:00:00

Description

Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the “Lucky Thirteen” issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.