Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-971-1:24044
HistoryMay 31, 2017 - 8:28 p.m.

[SECURITY] [DLA 971-1] nss security update

2017-05-3120:28:03
lists.debian.org
7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

Package : nss
Version : 2:3.26-1+debu7u4
CVE ID : CVE-2017-7502
Debian Bug : 863839

CVE-2017-7502

A null pointer dereference vulnerability in NSS was found when server
receives empty SSLv2 messages. This issue was introduced with the recent
removal of SSLv2 protocol from upstream code in 3.24.0 and introduction
of dedicated parser able to handle just sslv2-style hello messages.

For Debian 7 "Wheezy", this problem has been fixed in version
2:3.26-1+debu7u4.

We recommend that you upgrade your nss packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-------------- Ola Lundqvist --------------------
/ [email protected] GPG fingerprint
| [email protected] 22F2 32C6 B1E0 F4BF 2B26 |

http://inguza.com/ 0A6A 5E90 DCFA 9426 876F /
OSVersionArchitecturePackageVersionFilename
Debian7i386libnss3-dbg< 2:3.26-1+debu7u4libnss3-dbg_2:3.26-1+debu7u4_i386.deb
Debian8kfreebsd-i386libnss3-1d< 2:3.26-1+debu8u2libnss3-1d_2:3.26-1+debu8u2_kfreebsd-i386.deb
Debian8mipsellibnss3-tools< 2:3.26-1+debu8u2libnss3-tools_2:3.26-1+debu8u2_mipsel.deb
Debian8powerpclibnss3< 2:3.26-1+debu8u2libnss3_2:3.26-1+debu8u2_powerpc.deb
Debian8kfreebsd-amd64libnss3-tools< 2:3.26-1+debu8u2libnss3-tools_2:3.26-1+debu8u2_kfreebsd-amd64.deb
Debian7armellibnss3-1d< 2:3.26-1+debu7u4libnss3-1d_2:3.26-1+debu7u4_armel.deb
Debian8allnss< 2:3.26-1+debu8u2nss_2:3.26-1+debu8u2_all.deb
Debian7armellibnss3< 2:3.26-1+debu7u4libnss3_2:3.26-1+debu7u4_armel.deb
Debian8ppc64ellibnss3-dev< 2:3.26-1+debu8u2libnss3-dev_2:3.26-1+debu8u2_ppc64el.deb
Debian8amd64libnss3-dbg< 2:3.26-1+debu8u2libnss3-dbg_2:3.26-1+debu8u2_amd64.deb
Rows per page:
1-10 of 821

Related

nessus 17
redhatcve 1
openvas 12
ubuntu 2
cve 1
ubuntucve 1
redhat 4
debiancve 1
veracode 1
f5 1
amazon 1
ibm 5
prion 1
oraclelinux 2
osv 2
centos 2
mageia 1
symantec 1
debian 1
oracle 1
nessus
nessus
Scientific Linux Security Update : nss on SL7.x x86_64 (20170530)
2017-05-31 00:00:00
Oracle Linux 6 : nss (ELSA-2017-1364)
2017-05-31 00:00:00
Amazon Linux AMI : nss (ALAS-2017-848)
2017-06-23 00:00:00
redhatcve
redhatcve
CVE-2017-7502
2017-05-30 03:18:53
openvas
openvas
CentOS Update for nss CESA-2017:1365 centos7
2017-06-01 00:00:00
Ubuntu: Security Advisory (USN-3336-1)
2017-06-22 00:00:00
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1108)
2020-01-23 00:00:00
ubuntu
ubuntu
NSS vulnerability
2017-06-21 00:00:00
NSS vulnerability
2017-07-31 00:00:00
cve
cve
CVE-2017-7502
2017-05-30 18:29:00
ubuntucve
ubuntucve
CVE-2017-7502
2017-05-30 00:00:00
redhat
redhat
(RHSA-2017:1365) Important: nss security and bug fix update
2017-05-30 02:43:50
(RHSA-2017:1364) Important: nss security and bug fix update
2017-05-30 02:43:30
(RHSA-2017:1567) Important: Red Hat Container Development Kit 3.0.0 security update
2017-06-21 15:02:25
debiancve
debiancve
CVE-2017-7502
2017-05-30 18:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:17:27
f5
f5
K55143785 : NSS vulnerability CVE-2017-7502
2018-03-06 00:00:00
amazon
amazon
Important: nss
2017-06-22 19:20:00
ibm
ibm
Security Bulletin: A vulnerability in NSS affects PowerKVM
2018-06-18 01:36:39
Security Bulletin: Vulnerability in Mozilla NSS affects the IBM FlashSystem models 840 and 900
2023-02-18 01:45:50
Security Bulletin: Vulnerability in Mozilla NSS affects the IBM FlashSystem model V840
2018-06-18 00:35:20
prion
prion
Null pointer dereference
2017-05-30 18:29:00
oraclelinux
oraclelinux
nss security and bug fix update
2017-05-30 00:00:00
nss security and bug fix update
2017-05-30 00:00:00
osv
osv
nss - security update
2017-05-31 00:00:00
nss - security update
2017-06-01 00:00:00
centos
centos
nss security update
2017-05-31 14:09:07
nss security update
2017-05-31 15:14:33
mageia
mageia
Updated nss packages fix security vulnerability
2017-06-09 00:39:47
symantec
symantec
SA153: NSS Vulnerabilities Apr-May 2017
2017-07-13 08:00:00
debian
debian
[SECURITY] [DSA 3872-1] nss security update
2017-06-01 21:02:28
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON
Related for DEBIAN:DLA-971-1:24044
nessus17redhatcve1openvas12ubuntu2cve1ubuntucve1redhat4debiancve1veracode1f51amazon1ibm5prion1oraclelinux2osv2centos2mageia1symantec1debian1oracle1