Описание
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not intended to be enabled.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Certificate System 8 | mod_nss | Will not fix | ||
| Red Hat Enterprise Linux 5 | mod_nss | Will not fix | ||
| Red Hat Enterprise Linux 6 | mod_nss | Will not fix | ||
| Red Hat Enterprise Linux 7 | mod_nss | Fixed | RHSA-2016:2602 | 03.11.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
1.9 Low
CVSS2
Связанные уязвимости
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux ...
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
ELSA-2016-2602: mod_nss security, bug fix, and enhancement update (LOW)
EPSS
1.9 Low
CVSS2