Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2014-252.NASL
HistoryDec 16, 2014 - 12:00 a.m.

Mandriva Linux Security Advisory : nss (MDVSA-2014:252)

2014-12-1600:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
19
JSON

Updated nss packages fix security vulnerabilities :

In the QuickDER decoder in NSS before 3.17.3, ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data (CVE-2014-1569).

This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0, mitigating CVE-2014-3566, also known as POODLE. SSL 3.0 support has also been disabled by default in this Firefox and Thunderbird update, further mitigating POODLE.

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2014:252. 
# The text itself is copyright (C) Mandriva S.A.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(80041);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2014-1569");
  script_xref(name:"MDVSA", value:"2014:252");

  script_name(english:"Mandriva Linux Security Advisory : nss (MDVSA-2014:252)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated nss packages fix security vulnerabilities :

In the QuickDER decoder in NSS before 3.17.3, ASN.1 DER decoding of
lengths is too permissive, allowing undetected smuggling of arbitrary
data (CVE-2014-1569).

This update adds support for the TLS Fallback Signaling Cipher Suite
Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent
protocol downgrade attacks against applications which re-connect using
a lower SSL/TLS protocol version when the initial connection
indicating the highest supported protocol version fails. This can
prevent a forceful downgrade of the communication to SSL 3.0,
mitigating CVE-2014-3566, also known as POODLE. SSL 3.0 support has
also been disabled by default in this Firefox and Thunderbird update,
further mitigating POODLE."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://advisories.mageia.org/MGASA-2014-0507.html"
  );
  # https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6d78ddde"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nss-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nss-static-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64nss3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nss-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rootcerts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rootcerts-java");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/12/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/16");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64nss-devel-3.17.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64nss-static-devel-3.17.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64nss3-3.17.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"nss-3.17.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"nss-doc-3.17.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"rootcerts-20141117.00-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"rootcerts-java-20141117.00-1.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
mandrivalinuxlib64nss-develp-cpe:/a:mandriva:linux:lib64nss-devel
mandrivalinuxlib64nss-static-develp-cpe:/a:mandriva:linux:lib64nss-static-devel
mandrivalinuxlib64nss3p-cpe:/a:mandriva:linux:lib64nss3
mandrivalinuxnssp-cpe:/a:mandriva:linux:nss
mandrivalinuxnss-docp-cpe:/a:mandriva:linux:nss-doc
mandrivalinuxrootcertsp-cpe:/a:mandriva:linux:rootcerts
mandrivalinuxrootcerts-javap-cpe:/a:mandriva:linux:rootcerts-java
mandrivabusiness_server1cpe:/o:mandriva:business_server:1

Related

securityvulns 3
archlinux 1
fedora 18
exploitpack 1
zdt 1
nessus 46
veracode 4
cve 1
exploitdb 1
openvas 16
debian 3
debiancve 1
osv 3
prion 2
ubuntucve 1
ubuntu 1
ibm 81
redhat 3
seebug 1
hackerone 2
citrix 1
f5 1
cert 1
amazon 1
suse 1
cisco 1
centos 1
checkpoint_security 1
fortinet 1
securityvulns
securityvulns
[ MDVSA-2014:252 ] nss
2014-12-22 00:00:00
Mozilla nss information leakage
2014-12-22 00:00:00
TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack
2014-10-18 00:00:00
archlinux
archlinux
nss: signature forgery
2014-12-16 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: nss-3.17.3-2.fc21
2014-12-25 05:35:12
[SECURITY] Fedora 20 Update: claws-mail-plugins-3.11.1-1.fc20
2014-11-10 06:30:28
[SECURITY] Fedora 21 Update: libetpan-1.6-1.fc21
2014-11-10 06:34:14
exploitpack
exploitpack
MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
2019-02-20 00:00:00
zdt
zdt
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates Vulnerability
2019-02-20 00:00:00
nessus
nessus
Oracle iPlanet Web Server 6.1.x < 6.1.21 / 7.0.x < 7.0.22 NSS Signature Handling Remote Code Injection
2015-07-23 00:00:00
Ubuntu 14.04 LTS : NSS vulnerability (USN-2452-1)
2015-01-08 00:00:00
Oracle iPlanet Web Proxy Server 4.0.x < 4.0.26 NSS Signature Handling Remote Code Injection
2015-07-23 00:00:00
veracode
veracode
HTTP Request Smuggling
2019-01-15 09:03:35
Information Disclosure
2017-02-07 00:05:45
POODLE Attack
2017-04-27 06:54:17
cve
cve
CVE-2014-1569
2014-12-15 18:59:00
exploitdb
exploitdb
MatrixSSL &lt; 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
2019-02-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 3186-1 (nss - security update)
2015-03-13 00:00:00
Ubuntu: Security Advisory (USN-2452-1)
2015-01-23 00:00:00
Fedora Update for nss FEDORA-2014-17085
2015-01-05 00:00:00
debian
debian
[SECURITY] [DSA 3186-1] nss security update
2015-03-13 08:16:10
[SECURITY] [DSA 3186-1] nss security update
2015-03-13 08:15:52
[SECURITY] [DSA 3489-1] lighttpd security update
2016-02-23 18:26:44
debiancve
debiancve
CVE-2014-1569
2014-12-15 18:59:00
osv
osv
nss - security update
2015-03-13 00:00:00
lighttpd - security update
2015-07-25 00:00:00
lighttpd - security update
2016-02-23 00:00:00
prion
prion
Design/Logic Flaw
2014-12-15 18:59:00
Code injection
2014-10-15 00:55:00
ubuntucve
ubuntucve
CVE-2014-1569
2014-12-15 00:00:00
ubuntu
ubuntu
NSS vulnerability
2015-01-07 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in SSLv3 affects Tivoli Netcool Service Quality Manager (CVE-2014-3566)
2018-06-17 14:51:47
Security Bulletin: Vulnerability in SSLv3 affects certain IBM System Networking products running certain levels of firmware (CVE-2014-3566)
2019-01-31 01:30:01
Security Bulletin: There is a vulnerability in IBM Java SDK that affects Rational Developer for System z (CVE-2014-3566)
2020-10-27 16:05:52
redhat
redhat
(RHSA-2015:1546) Important: node.js security update
2015-08-04 00:00:00
(RHSA-2014:1653) Moderate: openssl security update
2014-10-16 00:00:00
(RHSA-2015:1545) Important: node.js security update
2015-08-04 00:00:00
seebug
seebug
SSL 3.0 POODLE(CVE-2014-3566)
2017-02-17 00:00:00
hackerone
hackerone
New Relic: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2017-03-26 19:08:23
MariaDB: smtp service vulnerable to POODLE SSLv3
2019-03-24 06:26:55
citrix
citrix
CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw
2014-10-14 04:00:00
f5
f5
K15702 : SSLv3 vulnerability CVE-2014-3566
2015-09-18 00:00:00
cert
cert
POODLE vulnerability in SSL 3.0
2014-10-17 00:00:00
amazon
amazon
Important: openssl
2014-10-14 22:32:00
suse
suse
Security update for suseRegister (important)
2015-01-05 21:04:43
cisco
cisco
SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2014-10-15 18:30:00
centos
centos
openssl security update
2014-10-16 15:21:39
checkpoint_security
checkpoint_security
Check Point response to the POODLE Bites vulnerability (CVE-2014-3566)
2014-10-13 21:00:00
fortinet
fortinet
SSL v3 "POODLE" Vulnerability
2014-10-15 00:00:00
JSON
Related for MANDRIVA_MDVSA-2014-252.NASL
securityvulns3archlinux1fedora18exploitpack1zdt1nessus46veracode4cve1exploitdb1openvas16debian3debiancve1osv3prion2ubuntucve1ubuntu1ibm81redhat3seebug1hackerone2citrix1f51cert1amazon1suse1cisco1centos1checkpoint_security1fortinet1