Lucene search
Fedora 19 : nss-3.17.1-1.fc19 / nss-softokn-3.17.1-2.fc19 / nss-util-3.17.1-1.fc19 (2014-11565)
🗓️ 12 Oct 2014 00:00:00Reported by This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus🔗 www.tenable.com👁 23 Views
Fedora 19 : nss-3.17.1-1.fc19 / nss-softokn-3.17.1-2.fc19 / nss-util-3.17.1-1.fc19 security update (2014-11565) from Tenable Network Securit
Show more
| Reporter | Title | Published | Views | Family All 175 |
|---|---|---|---|---|
 | nss security update | 26 Sep 201411:29 | – | centos |
 | Mozilla Network Security Services (NSS) fails to properly verify RSA signatures | 24 Sep 201400:00 | – | cert |
 | [SECURITY] [DSA 3033-1] nss security update | 25 Sep 201400:23 | – | debian |
| [SECURITY] [DLA 62-1] nss security update | 25 Sep 201414:59 | – | debian |
| [SECURITY] [DSA 3034-1] iceweasel security update | 25 Sep 201406:25 | – | debian |
| [SECURITY] [DSA 3037-1] icedove security update | 26 Sep 201419:31 | – | debian |
 | RSA Signature Forgery in NSS — Mozilla | 24 Sep 201400:00 | – | mozilla |
| Mozilla Thunderbird 24.x < 24.8.1 NSS Signature Verification Vulnerability | 26 Sep 201400:00 | – | nessus |
| Oracle Linux 5 / 6 / 7 : nss (ELSA-2014-1307) | 29 Sep 201400:00 | – | nessus |
| OracleVM 3.3 : nss (OVMSA-2014-0082) | 15 Dec 201400:00 | – | nessus |
10
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
| mozilla | www.mozilla.org/en-US/security/advisories/mfsa2014-73/ |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| bugzilla | www.bugzilla.redhat.com/show_bug.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2014-11565.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(78368);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2014-1568");
script_bugtraq_id(70116);
script_xref(name:"FEDORA", value:"2014-11565");
script_name(english:"Fedora 19 : nss-3.17.1-1.fc19 / nss-softokn-3.17.1-2.fc19 / nss-util-3.17.1-1.fc19 (2014-11565)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1146309"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140516.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?69be65c4"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140517.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?3945fed4"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140518.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?37b361fb"
);
# https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2014-73/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected nss, nss-softokn and / or nss-util packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss-softokn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss-util");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");
script_set_attribute(attribute:"patch_publication_date", value:"2014/09/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC19", reference:"nss-3.17.1-1.fc19")) flag++;
if (rpm_check(release:"FC19", reference:"nss-softokn-3.17.1-2.fc19")) flag++;
if (rpm_check(release:"FC19", reference:"nss-util-3.17.1-1.fc19")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nss / nss-softokn / nss-util");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo12 Oct 2014 00:00Current
CVSS27.5
EPSS0.03