|Category:||Amazon Linux Local Security Checks|
|Title:||Amazon Linux: Security Advisory (ALAS-2013-172)|
|Summary:||The remote host is missing an update announced via the referenced Security Advisory.|
The remote host is missing an update announced via the referenced Security Advisory.
It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-1619 )
Run yum update gnutls to update your system.
Common Vulnerability Exposure (CVE) ID: CVE-2013-1619|
RedHat Security Advisories: RHSA-2013:0588
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
SuSE Security Announcement: SUSE-SU-2014:0322 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0807 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0346 (Google Search)
|Copyright||Copyright (C) 2015 Eero Volotinen|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.