Oval Definition:	oval:com.ubuntu.bionic:def:201812384000
Revision Date: 2019-04-29 Version: 1 Title: CVE-2018-12384 on Ubuntu 18.04 LTS (bionic) - low. Description: When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-12384 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND The 'nss' package in bionic was vulnerable but has been fixed (note: '2:3.35-2ubuntu2.1').
BACK