NSS Library SSL v.2.0 remote command execution

Description
  • The remote host seems to be using a vulnerable version of the Mozilla Network Security Services (NSS) Library, the SSL v.2.0 handling code may allow an attacker to cause a heap overflow and therefore execute arbitrary commands on the remote host.
Remediation
  • Upgrade the remote service to use NSS 3.9.2 or newer.