Wind River Support Network

HomeDefectsLIN6-6725

Fixed

LIN6-6725 : Security Advisory - nss - CVE-2013-1740

Created: Feb 16, 2014 Updated: Dec 3, 2018

Resolved Date: Apr 21, 2014

Previous ID: LIN3-35641

Found In Version: 6.0.0.6

Fix Version: 6.0.0.6

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38