Ubuntu Update For Nginx USN-2351-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that nginx incorrectly reused cached SSL sessions. An attacker could possibly use this issue in certain configurations to obtain access to information from a different virtual host.

Affected

nginx on Ubuntu 14.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-September/002665.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3616

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for dovecot vulnerabilities USN-1059-1
Ubuntu Update for clamav vulnerabilities USN-945-1
Ubuntu Update for apache2 USN-1765-1
Ubuntu Update for apache2 USN-2299-1
Ubuntu Update for curl USN-2167-1

Ubuntu Update for nginx USN-2351-1

Take action and discover your vulnerabilities