Oval Definition:	oval:com.ubuntu.precise:def:20131740000
Revision Date: 2014-01-18 Version: 1 Title: CVE-2013-1740 on Ubuntu 12.04 LTS (precise) - medium. Description: The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-1740 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'nss' package in precise was vulnerable but has been fixed (note: '3.15.4-0ubuntu0.12.04.1').
BACK