Search...

NewStart CGSL MAIN 4.05 : nss Multiple Vulnerabilities (NS-SA-2019-0105)

2019-08-12T00:00:00

ID NEWSTART_CGSL_NS-SA-2019-0105_NSS.NASL
Type nessus
Reporter This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2019-08-12T00:00:00

Description

The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by multiple vulnerabilities:

An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)

A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2019-0105. The text
# itself is copyright (C) ZTE, Inc.

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(127337);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2017-5461", "CVE-2017-7502");

  script_name(english:"NewStart CGSL MAIN 4.05 : nss Multiple Vulnerabilities (NS-SA-2019-0105)");

  script_set_attribute(attribute:"synopsis", value:
"The remote machine is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by multiple
vulnerabilities:

  - An out-of-bounds write flaw was found in the way NSS
    performed certain Base64-decoding operations. An
    attacker could use this flaw to create a specially
    crafted certificate which, when parsed by NSS, could
    cause it to crash or execute arbitrary code, using the
    permissions of the user running an application compiled
    against the NSS library. (CVE-2017-5461)

  - A null pointer dereference flaw was found in the way NSS
    handled empty SSLv2 messages. An attacker could use this
    flaw to crash a server application compiled against the
    NSS library. (CVE-2017-7502)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0105");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL nss packages. Note that updated packages may not be available yet. Please contact ZTE for
more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-5461");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/ZTE-CGSL/release");
if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");

if (release !~ "CGSL MAIN 4.05")
  audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');

if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);

flag = 0;

pkgs = {
  "CGSL MAIN 4.05": [
    "nss-3.28.4-3.el6_9",
    "nss-devel-3.28.4-3.el6_9",
    "nss-sysinit-3.28.4-3.el6_9",
    "nss-tools-3.28.4-3.el6_9"
  ]
};
pkg_list = pkgs[release];

foreach (pkg in pkg_list)
  if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nss");
}

JSON Vulners Source

Initial Source

{"id": "NEWSTART_CGSL_NS-SA-2019-0105_NSS.NASL", "bulletinFamily": "scanner", "title": "NewStart CGSL MAIN 4.05 : nss Multiple Vulnerabilities (NS-SA-2019-0105)", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by multiple\nvulnerabilities:\n\n - An out-of-bounds write flaw was found in the way NSS\n performed certain Base64-decoding operations. An\n attacker could use this flaw to create a specially\n crafted certificate which, when parsed by NSS, could\n cause it to crash or execute arbitrary code, using the\n permissions of the user running an application compiled\n against the NSS library. (CVE-2017-5461)\n\n - A null pointer dereference flaw was found in the way NSS\n handled empty SSLv2 messages. An attacker could use this\n flaw to crash a server application compiled against the\n NSS library. (CVE-2017-7502)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "published": "2019-08-12T00:00:00", "modified": "2019-08-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/127337", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://security.gd-linux.com/notice/NS-SA-2019-0105"], "cvelist": ["CVE-2017-7502", "CVE-2017-5461"], "type": "nessus", "lastseen": "2021-01-17T12:03:12", "edition": 17, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-5461", "CVE-2017-7502"]}, {"type": "f5", "idList": ["F5:K55143785", "F5:K12109859"]}, {"type": "ubuntu", "idList": ["USN-3372-1", "USN-3270-1", "USN-3336-1"]}, {"type": "debian", "idList": ["DEBIAN:DLA-906-1:D16E9", "DEBIAN:DLA-971-1:24044", "DEBIAN:DSA-3872-1:C19C1", "DEBIAN:DSA-3831-1:EE460", "DEBIAN:DLA-946-1:9FF89"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310882698", "OPENVAS:1361412562310871824", "OPENVAS:1361412562310882731", "OPENVAS:1361412562310703872", "OPENVAS:703872", "OPENVAS:1361412562310871825", "OPENVAS:1361412562310882730", "OPENVAS:1361412562310843224", "OPENVAS:1361412562311220171108", "OPENVAS:1361412562311220171109"]}, {"type": "nessus", "idList": ["UBUNTU_USN-3336-1.NASL", "CENTOS_RHSA-2017-1365.NASL", "CENTOS_RHSA-2017-1364.NASL", "DEBIAN_DLA-971.NASL", "VIRTUOZZO_VZLSA-2017-1364.NASL", "EULEROS_SA-2017-1108.NASL", "DEBIAN_DSA-3872.NASL", "REDHAT-RHSA-2017-1364.NASL", "ALA_ALAS-2017-848.NASL", "VIRTUOZZO_VZLSA-2017-1365.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-1101", "ELSA-2017-1100", "ELSA-2017-1364", "ELSA-2017-1365"]}, {"type": "redhat", "idList": ["RHSA-2017:1100", "RHSA-2017:1103", "RHSA-2017:1364", "RHSA-2017:1101", "RHSA-2017:1365", "RHSA-2017:1102", "RHSA-2017:1712", "RHSA-2017:1567"]}, {"type": "amazon", "idList": ["ALAS-2017-825", "ALAS-2017-848"]}, {"type": "centos", "idList": ["CESA-2017:1365", "CESA-2017:1100", "CESA-2017:1364"]}, {"type": "archlinux", "idList": ["ASA-201705-21", "ASA-201704-4"]}, {"type": "symantec", "idList": ["SMNTC-1409", "SMNTC-1405"]}, {"type": "freebsd", "idList": ["4CB165F0-6E48-423E-8147-92255D35C0F7"]}, {"type": "gentoo", "idList": ["GLSA-201705-04"]}, {"type": "suse", "idList": ["SUSE-SU-2017:1175-1", "SUSE-SU-2017:1248-1", "OPENSUSE-SU-2017:1099-1"]}], "modified": "2021-01-17T12:03:12", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2021-01-17T12:03:12", "rev": 2}, "vulnersScore": 7.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0105. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127337);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-5461\", \"CVE-2017-7502\");\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : nss Multiple Vulnerabilities (NS-SA-2019-0105)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by multiple\nvulnerabilities:\n\n - An out-of-bounds write flaw was found in the way NSS\n performed certain Base64-decoding operations. An\n attacker could use this flaw to create a specially\n crafted certificate which, when parsed by NSS, could\n cause it to crash or execute arbitrary code, using the\n permissions of the user running an application compiled\n against the NSS library. (CVE-2017-5461)\n\n - A null pointer dereference flaw was found in the way NSS\n handled empty SSLv2 messages. An attacker could use this\n flaw to crash a server application compiled against the\n NSS library. (CVE-2017-7502)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0105\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL nss packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"nss-3.28.4-3.el6_9\",\n \"nss-devel-3.28.4-3.el6_9\",\n \"nss-sysinit-3.28.4-3.el6_9\",\n \"nss-tools-3.28.4-3.el6_9\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n}\n", "naslFamily": "NewStart CGSL Local Security Checks", "pluginID": "127337", "cpe": [], "scheme": null, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}

{"cve": [{"lastseen": "2021-02-02T06:36:50", "description": "Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-05-30T18:29:00", "title": "CVE-2017-7502", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7502"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:mozilla:network_security_services:3.25.1", "cpe:/a:mozilla:network_security_services:3.27.1", "cpe:/a:mozilla:network_security_services:3.28.2", "cpe:/a:mozilla:network_security_services:3.26.0", "cpe:/a:mozilla:network_security_services:3.30.1", "cpe:/a:mozilla:network_security_services:3.27.0", "cpe:/a:mozilla:network_security_services:3.27.2", "cpe:/a:mozilla:network_security_services:3.26.2", "cpe:/a:mozilla:network_security_services:3.29.0", "cpe:/a:mozilla:network_security_services:3.30.0", "cpe:/a:mozilla:network_security_services:3.25.0", "cpe:/a:mozilla:network_security_services:3.29.3", "cpe:/a:mozilla:network_security_services:3.28.3", "cpe:/a:mozilla:network_security_services:3.29.1", "cpe:/a:mozilla:network_security_services:3.29.2", "cpe:/a:mozilla:network_security_services:3.24.0", "cpe:/a:mozilla:network_security_services:3.28.0", "cpe:/a:mozilla:network_security_services:3.28.1"], "id": "CVE-2017-7502", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7502", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:network_security_services:3.30.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.29.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.30.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.24.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:36:47", "description": "Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-11T01:29:00", "title": "CVE-2017-5461", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5461"], "modified": "2018-09-20T16:43:00", "cpe": [], "id": "CVE-2017-5461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5461", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "f5": [{"lastseen": "2019-08-30T08:46:20", "bulletinFamily": "software", "cvelist": ["CVE-2017-7502"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-03-06T19:12:00", "published": "2018-03-06T19:12:00", "id": "F5:K55143785", "href": "https://support.f5.com/csp/article/K55143785", "title": "NSS vulnerability CVE-2017-7502", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-04-30T18:21:21", "bulletinFamily": "software", "cvelist": ["CVE-2017-5461"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.2.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.1.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2017-05-24T20:55:00", "published": "2017-05-08T23:14:00", "id": "F5:K12109859", "href": "https://support.f5.com/csp/article/K12109859", "title": "Mozilla NSS vulnerability CVE-2017-5461", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-08-12T01:07:46", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-7502", "CVE-2017-5461"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3872-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJune 01, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nss\nCVE ID : CVE-2017-5461 CVE-2017-5462 CVE-2017-7502\n\nSeveral vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2:3.26-1+debu8u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your nss packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 6, "modified": "2017-06-01T21:02:48", "published": "2017-06-01T21:02:48", "id": "DEBIAN:DSA-3872-1:C19C1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00132.html", "title": "[SECURITY] [DSA 3872-1] nss security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:23:01", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "Package : nss\nVersion : 2:3.26-1+debu7u4\nCVE ID : CVE-2017-7502\nDebian Bug : 863839\n\nCVE-2017-7502\n\n A null pointer dereference vulnerability in NSS was found when server\n receives empty SSLv2 messages. This issue was introduced with the recent\n removal of SSLv2 protocol from upstream code in 3.24.0 and introduction\n of dedicated parser able to handle just sslv2-style hello messages.\n\nFor Debian 7 "Wheezy", this problem has been fixed in version\n2:3.26-1+debu7u4.\n\nWe recommend that you upgrade your nss packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n- -- \n -------------- Ola Lundqvist --------------------\n/ opal@debian.org GPG fingerprint \\\n| ola@inguza.com 22F2 32C6 B1E0 F4BF 2B26 |\n| http://inguza.com/ 0A6A 5E90 DCFA 9426 876F /\n -------------------------------------------------\n", "edition": 3, "modified": "2017-05-31T21:06:26", "published": "2017-05-31T21:06:26", "id": "DEBIAN:DLA-971-1:24044", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201705/msg00041.html", "title": "[SECURITY] [DLA 971-1] nss security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:21:50", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-5461"], "description": "Package : nss\nVersion : 2:3.26-1+debu7u3\nCVE ID : CVE-2017-5461 CVE-2017-5462\nDebian Bug : 862958\n\nThe NSS library is vulnerable to two security issues:\n\nCVE-2017-5461\n\n Out-of-bounds write in Base64 encoding. This can trigger a crash\n (denial of service) and might be exploitable for code execution.\n\nCVE-2017-5462\n\n A flaw in DRBG number generation where the internal state V does not\n correctly carry bits over.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n2:3.26-1+debu7u3.\n\nWe recommend that you upgrade your nss packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: https://www.freexian.com/services/debian-lts.html\nLearn to master Debian: https://debian-handbook.info/get/\n", "edition": 3, "modified": "2017-05-19T13:16:10", "published": "2017-05-19T13:16:10", "id": "DEBIAN:DLA-946-1:9FF89", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201705/msg00017.html", "title": "[SECURITY] [DLA 946-1] nss security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:30", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-5436", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5446", "CVE-2017-5434", "CVE-2017-5465", "CVE-2017-5429", "CVE-2017-5440", "CVE-2017-5435", "CVE-2017-5432", "CVE-2017-5469", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5445", "CVE-2017-5433", "CVE-2017-5447", "CVE-2017-5444", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5448", "CVE-2017-5459", "CVE-2017-5443", "CVE-2017-5464"], "description": "Package : firefox-esr\nVersion : 45.9.0esr-1~deb7u1\nCVE ID : CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434\n CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439\n CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443\n CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447\n CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461\n CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors, use-after-frees, buffer\noverflows and other implementation errors may lead to the execution of\narbitrary code, information disclosure or denial of service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n45.9.0esr-1~deb7u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2017-04-21T17:26:31", "published": "2017-04-21T17:26:31", "id": "DEBIAN:DLA-906-1:D16E9", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201704/msg00025.html", "title": "[SECURITY] [DLA 906-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:56:00", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-5436", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5446", "CVE-2017-5434", "CVE-2017-5465", "CVE-2017-5429", "CVE-2017-5440", "CVE-2017-5435", "CVE-2017-5432", "CVE-2017-5469", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5445", "CVE-2017-5433", "CVE-2017-5447", "CVE-2017-5444", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5448", "CVE-2017-5459", "CVE-2017-5443", "CVE-2017-5464"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3831-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 20, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nCVE ID : CVE-2017-5429 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 \n CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 \n CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 \n CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 \n CVE-2017-5448 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 \n CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5469\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors, use-after-frees, buffer\noverflows and other implementation errors may lead to the execution of\narbitrary code, information disclosure or denial of service.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 45.9.0esr-1~deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 45.9.0esr-1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2017-04-19T22:40:57", "published": "2017-04-19T22:40:57", "id": "DEBIAN:DSA-3831-1:EE460", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00090.html", "title": "[SECURITY] [DSA 3831-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:50:20", "description": "Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.", "edition": 25, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-02T00:00:00", "title": "Debian DSA-3872-1 : nss - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5462", "CVE-2017-7502", "CVE-2017-5461"], "modified": "2017-06-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:nss"], "id": "DEBIAN_DSA-3872.NASL", "href": "https://www.tenable.com/plugins/nessus/100580", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3872. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100580);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-5461\", \"CVE-2017-5462\", \"CVE-2017-7502\");\n script_xref(name:\"DSA\", value:\"3872\");\n\n script_name(english:\"Debian DSA-3872-1 : nss - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/nss\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3872\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the nss packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2:3.26-1+debu8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libnss3\", reference:\"2:3.26-1+debu8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnss3-1d\", reference:\"2:3.26-1+debu8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnss3-dbg\", reference:\"2:3.26-1+debu8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnss3-dev\", reference:\"2:3.26-1+debu8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libnss3-tools\", reference:\"2:3.26-1+debu8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T01:22:48", "description": "NULL pointer dereference when handling empty SSLv2 messages :\n\nA NULL pointer dereference flaw was found in the way NSS handled empty\nSSLv2 messages. An attacker could use this flaw to crash a server\napplication compiled against the NSS library. (CVE-2017-7502)", "edition": 26, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-06-23T00:00:00", "title": "Amazon Linux AMI : nss (ALAS-2017-848)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:nss-sysinit", "p-cpe:/a:amazon:linux:nss-devel", "p-cpe:/a:amazon:linux:nss", "p-cpe:/a:amazon:linux:nss-debuginfo", "p-cpe:/a:amazon:linux:nss-pkcs11-devel", "p-cpe:/a:amazon:linux:nss-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-848.NASL", "href": "https://www.tenable.com/plugins/nessus/101001", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-848.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101001);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"ALAS\", value:\"2017-848\");\n\n script_name(english:\"Amazon Linux AMI : nss (ALAS-2017-848)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NULL pointer dereference when handling empty SSLv2 messages :\n\nA NULL pointer dereference flaw was found in the way NSS handled empty\nSSLv2 messages. An attacker could use this flaw to crash a server\napplication compiled against the NSS library. (CVE-2017-7502)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-848.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update nss' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"nss-3.28.4-1.2.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-debuginfo-3.28.4-1.2.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-devel-3.28.4-1.2.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-pkcs11-devel-3.28.4-1.2.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-sysinit-3.28.4-1.2.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-tools-3.28.4-1.2.79.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:31:16", "description": "An update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)", "edition": 32, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-06-01T00:00:00", "title": "CentOS 7 : nss (CESA-2017:1365)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-06-01T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nss-devel", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-tools", "p-cpe:/a:centos:centos:nss", "p-cpe:/a:centos:centos:nss-sysinit"], "id": "CENTOS_RHSA-2017-1365.NASL", "href": "https://www.tenable.com/plugins/nessus/100556", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1365 and \n# CentOS Errata and Security Advisory 2017:1365 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100556);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"RHSA\", value:\"2017:1365\");\n\n script_name(english:\"CentOS 7 : nss (CESA-2017:1365)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-May/022451.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5297e669\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7502\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-3.28.4-1.2.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-devel-3.28.4-1.2.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.28.4-1.2.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.28.4-1.2.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"nss-tools-3.28.4-1.2.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / nss-pkcs11-devel / nss-sysinit / nss-tools\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T05:39:26", "description": "An update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)", "edition": 33, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-05-31T00:00:00", "title": "RHEL 6 : nss (RHSA-2017:1364)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit"], "id": "REDHAT-RHSA-2017-1364.NASL", "href": "https://www.tenable.com/plugins/nessus/100531", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1364. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100531);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"RHSA\", value:\"2017:1364\");\n\n script_name(english:\"RHEL 6 : nss (RHSA-2017:1364)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7502\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1364\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"nss-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"nss-debuginfo-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"nss-devel-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"nss-pkcs11-devel-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-sysinit-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-sysinit-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-sysinit-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-tools-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-tools-3.28.4-3.el6_9\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-tools-3.28.4-3.el6_9\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T08:52:08", "description": "According to the version of the nss packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A null pointer dereference flaw was found in the way\n NSS handled empty SSLv2 messages. An attacker could use\n this flaw to crash a server application compiled\n against the NSS library. (CVE-2017-7502)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-06-09T00:00:00", "title": "EulerOS 2.0 SP2 : nss (EulerOS-SA-2017-1109)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-06-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:nss-sysinit", "p-cpe:/a:huawei:euleros:nss-tools", "p-cpe:/a:huawei:euleros:nss", "p-cpe:/a:huawei:euleros:nss-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1109.NASL", "href": "https://www.tenable.com/plugins/nessus/100702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100702);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-7502\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : nss (EulerOS-SA-2017-1109)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the nss packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A null pointer dereference flaw was found in the way\n NSS handled empty SSLv2 messages. An attacker could use\n this flaw to crash a server application compiled\n against the NSS library. (CVE-2017-7502)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1109\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a21a9274\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-3.28.4-1.2.0.1\",\n \"nss-devel-3.28.4-1.2.0.1\",\n \"nss-sysinit-3.28.4-1.2.0.1\",\n \"nss-tools-3.28.4-1.2.0.1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:51:25", "description": "From Red Hat Security Advisory 2017:1364 :\n\nAn update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)", "edition": 29, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-05-31T00:00:00", "title": "Oracle Linux 6 : nss (ELSA-2017-1364)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-05-31T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-tools", "p-cpe:/a:oracle:linux:nss-sysinit"], "id": "ORACLELINUX_ELSA-2017-1364.NASL", "href": "https://www.tenable.com/plugins/nessus/100525", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:1364 and \n# Oracle Linux Security Advisory ELSA-2017-1364 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100525);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"RHSA\", value:\"2017:1364\");\n\n script_name(english:\"Oracle Linux 6 : nss (ELSA-2017-1364)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:1364 :\n\nAn update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-May/006966.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"nss-3.28.4-3.0.1.el6_9\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-devel-3.28.4-3.0.1.el6_9\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-pkcs11-devel-3.28.4-3.0.1.el6_9\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-sysinit-3.28.4-3.0.1.el6_9\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-tools-3.28.4-3.0.1.el6_9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / nss-pkcs11-devel / nss-sysinit / nss-tools\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:51:25", "description": "From Red Hat Security Advisory 2017:1365 :\n\nAn update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)", "edition": 29, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-05-31T00:00:00", "title": "Oracle Linux 7 : nss (ELSA-2017-1365)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-05-31T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:nss-tools", "p-cpe:/a:oracle:linux:nss-sysinit"], "id": "ORACLELINUX_ELSA-2017-1365.NASL", "href": "https://www.tenable.com/plugins/nessus/100526", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:1365 and \n# Oracle Linux Security Advisory ELSA-2017-1365 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100526);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"RHSA\", value:\"2017:1365\");\n\n script_name(english:\"Oracle Linux 7 : nss (ELSA-2017-1365)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:1365 :\n\nAn update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-May/006959.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-3.28.4-1.2.0.1.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-devel-3.28.4-1.2.0.1.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-pkcs11-devel-3.28.4-1.2.0.1.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.28.4-1.2.0.1.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"nss-tools-3.28.4-1.2.0.1.el7_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / nss-pkcs11-devel / nss-sysinit / nss-tools\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T05:39:26", "description": "An update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)", "edition": 34, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-05-31T00:00:00", "title": "RHEL 7 : nss (RHSA-2017:1365)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit"], "id": "REDHAT-RHSA-2017-1365.NASL", "href": "https://www.tenable.com/plugins/nessus/100532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1365. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100532);\n script_version(\"3.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-7502\");\n script_xref(name:\"RHSA\", value:\"2017:1365\");\n\n script_name(english:\"RHEL 7 : nss (RHSA-2017:1365)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1451421)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7502\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1365\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"nss-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-debuginfo-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-devel-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"nss-pkcs11-devel-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-sysinit-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-sysinit-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"nss-tools-3.28.4-1.2.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"nss-tools-3.28.4-1.2.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:14:26", "description": "An update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.", "edition": 33, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-07-13T00:00:00", "title": "Virtuozzo 6 : nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc (VZLSA-2017-1364)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-07-13T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:nss-devel", "p-cpe:/a:virtuozzo:virtuozzo:nss", "p-cpe:/a:virtuozzo:virtuozzo:nss-tools", "p-cpe:/a:virtuozzo:virtuozzo:nss-pkcs11-devel", "p-cpe:/a:virtuozzo:virtuozzo:nss-sysinit", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZLSA-2017-1364.NASL", "href": "https://www.tenable.com/plugins/nessus/101475", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101475);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-7502\"\n );\n\n script_name(english:\"Virtuozzo 6 : nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc (VZLSA-2017-1364)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for nss is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nSecurity Fix(es) :\n\n* A NULL pointer dereference flaw was found in the way NSS handled\nempty SSLv2 messages. An attacker could use this flaw to crash a\nserver application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n* The Network Security Services (NSS) code and Certificate Authority\n(CA) list have been updated to meet the recommendations as published\nwith the latest Mozilla Firefox Extended Support Release (ESR). The\nupdated CA list improves compatibility with the certificates that are\nused in the Internet Public Key Infrastructure (PKI). To avoid\ncertificate validation refusals, Red Hat recommends installing the\nupdated CA list on June 12, 2017. (BZ# 1448488)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-1364.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fe49b817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-1364\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"nss-3.28.4-3.vl6\",\n \"nss-devel-3.28.4-3.vl6\",\n \"nss-pkcs11-devel-3.28.4-3.vl6\",\n \"nss-sysinit-3.28.4-3.vl6\",\n \"nss-tools-3.28.4-3.vl6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:49:49", "description": "Security Fix(es) :\n\n - A NULL pointer dereference flaw was found in the way NSS\n handled empty SSLv2 messages. An attacker could use this\n flaw to crash a server application compiled against the\n NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n - The Network Security Services (NSS) code and Certificate\n Authority (CA) list have been updated to meet the\n recommendations as published with the latest Mozilla\n Firefox Extended Support Release (ESR). The updated CA\n list improves compatibility with the certificates that\n are used in the Internet Public Key Infrastructure\n (PKI). To avoid certificate validation refusals,\n consider installing the updated CA list on June 12,\n 2017.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2017-05-31T00:00:00", "title": "Scientific Linux Security Update : nss on SL6.x i386/x86_64 (20170530)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "modified": "2017-05-31T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:nss-devel", "p-cpe:/a:fermilab:scientific_linux:nss-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:nss", "p-cpe:/a:fermilab:scientific_linux:nss-tools", "p-cpe:/a:fermilab:scientific_linux:nss-sysinit"], "id": "SL_20170530_NSS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/100535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100535);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-7502\");\n\n script_name(english:\"Scientific Linux Security Update : nss on SL6.x i386/x86_64 (20170530)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A NULL pointer dereference flaw was found in the way NSS\n handled empty SSLv2 messages. An attacker could use this\n flaw to crash a server application compiled against the\n NSS library. (CVE-2017-7502)\n\nBug Fix(es) :\n\n - The Network Security Services (NSS) code and Certificate\n Authority (CA) list have been updated to meet the\n recommendations as published with the latest Mozilla\n Firefox Extended Support Release (ESR). The updated CA\n list improves compatibility with the certificates that\n are used in the Internet Public Key Infrastructure\n (PKI). To avoid certificate validation refusals,\n consider installing the updated CA list on June 12,\n 2017.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1705&L=scientific-linux-errata&F=&S=&P=13739\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7fe70ba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"nss-3.28.4-3.el6_9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-debuginfo-3.28.4-3.el6_9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-devel-3.28.4-3.el6_9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-pkcs11-devel-3.28.4-3.el6_9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-sysinit-3.28.4-3.el6_9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-tools-3.28.4-3.el6_9\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:23", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502", "CVE-2016-2183", "CVE-2017-5461"], "description": "It was discovered that NSS incorrectly handled certain empty SSLv2 \nmessages. A remote attacker could possibly use this issue to cause NSS to \ncrash, resulting in a denial of service. (CVE-2017-7502)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES \nciphers were vulnerable to birthday attacks. A remote attacker could \npossibly use this flaw to obtain clear text data from long encrypted \nsessions. This update causes NSS to limit use of the same symmetric key. \n(CVE-2016-2183)\n\nIt was discovered that NSS incorrectly handled Base64 decoding. A remote \nattacker could use this flaw to cause NSS to crash, resulting in a denial \nof service, or possibly execute arbitrary code. (CVE-2017-5461)", "edition": 6, "modified": "2017-07-31T00:00:00", "published": "2017-07-31T00:00:00", "id": "USN-3372-1", "href": "https://ubuntu.com/security/notices/USN-3372-1", "title": "NSS vulnerability", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-02T11:35:33", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "It was discovered that NSS incorrectly handled certain empty SSLv2 \nmessages. A remote attacker could possibly use this issue to cause NSS to \ncrash, resulting in a denial of service.", "edition": 5, "modified": "2017-06-21T00:00:00", "published": "2017-06-21T00:00:00", "id": "USN-3336-1", "href": "https://ubuntu.com/security/notices/USN-3336-1", "title": "NSS vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-02T11:37:59", "bulletinFamily": "unix", "cvelist": ["CVE-2016-2183", "CVE-2017-5461"], "description": "Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES \nciphers were vulnerable to birthday attacks. A remote attacker could \npossibly use this flaw to obtain clear text data from long encrypted \nsessions. This update causes NSS to limit use of the same symmetric key. \n(CVE-2016-2183)\n\nIt was discovered that NSS incorrectly handled Base64 decoding. A remote \nattacker could use this flaw to cause NSS to crash, resulting in a denial \nof service, or possibly execute arbitrary code. (CVE-2017-5461)\n\nThis update refreshes the NSS package to version 3.28.4 which includes \nthe latest CA certificate bundle.", "edition": 5, "modified": "2017-04-27T00:00:00", "published": "2017-04-27T00:00:00", "id": "USN-3270-1", "href": "https://ubuntu.com/security/notices/USN-3270-1", "title": "NSS vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5462", "CVE-2017-7502", "CVE-2017-5461"], "description": "Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.", "modified": "2019-03-18T00:00:00", "published": "2017-06-01T00:00:00", "id": "OPENVAS:1361412562310703872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703872", "type": "openvas", "title": "Debian Security Advisory DSA 3872-1 (nss - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3872.nasl 14280 2019-03-18 14:50:45Z cfischer $\n# Auto-generated from advisory DSA 3872-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703872\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2017-5461\", \"CVE-2017-5462\", \"CVE-2017-7502\");\n script_name(\"Debian Security Advisory DSA 3872-1 (nss - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-01 00:00:00 +0200 (Thu, 01 Jun 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3872.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"nss on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 2:3.26-1+debu8u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your nss packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.26-1+debu8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.26-1+debu8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.26-1+debu8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.26-1+debu8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.26-1+debu8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:57:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5462", "CVE-2017-7502", "CVE-2017-5461"], "description": "Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.", "modified": "2017-07-07T00:00:00", "published": "2017-06-01T00:00:00", "id": "OPENVAS:703872", "href": "http://plugins.openvas.org/nasl.php?oid=703872", "type": "openvas", "title": "Debian Security Advisory DSA 3872-1 (nss - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3872.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3872-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703872);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2017-5461\", \"CVE-2017-5462\", \"CVE-2017-7502\");\n script_name(\"Debian Security Advisory DSA 3872-1 (nss - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-06-01 00:00:00 +0200 (Thu, 01 Jun 2017)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3872.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"nss on Debian Linux\");\n script_tag(name: \"insight\", value: \"nss is a set of libraries designed to support cross-platform development\nof security-enabled client and server applications.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 2:3.26-1+debu8u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your nss packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered in NSS, a set of cryptographic\nlibraries, which may result in denial of service or information\ndisclosure.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.26-1+debu8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.26-1+debu8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.26-1+debu8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.26-1+debu8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.26-1+debu8u2\", rls_regex:\"DEB8.[0-9]+\", remove_arch:TRUE )) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:34:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2017-05-30T00:00:00", "id": "OPENVAS:1361412562310871825", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871825", "type": "openvas", "title": "RedHat Update for nss RHSA-2017:1365-03", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2017:1365-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871825\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-30 15:54:47 +0200 (Tue, 30 May 2017)\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss RHSA-2017:1365-03\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of\n libraries designed to support the cross-platform development of security-enabled\n client and server applications.\n\nSecurity Fix(es):\n\n * A null pointer dereference flaw was found in the way NSS handled empty\nSSLv2 messages. An attacker could use this flaw to crash a server\napplication compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n * The Network Security Services (NSS) code and Certificate Authority (CA)\nlist have been updated to meet the recommendations as published with the\nlatest Mozilla Firefox Extended Support Release (ESR). The updated CA list\nimproves compatibility with the certificates that are used in the Internet\nPublic Key Infrastructure (PKI). To avoid certificate validation refusals,\nRed Hat recommends installing the updated CA list on June 12, 2017.\n(BZ#1451421)\");\n script_tag(name:\"affected\", value:\"nss on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:1365-03\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-May/msg00045.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~1.2.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.28.4~1.2.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~1.2.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~1.2.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~1.2.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-05T18:39:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "The remote host is missing an update for the ", "modified": "2020-03-03T00:00:00", "published": "2017-06-22T00:00:00", "id": "OPENVAS:1361412562310843224", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843224", "type": "openvas", "title": "Ubuntu Update for nss USN-3336-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for nss USN-3336-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843224\");\n script_version(\"2020-03-03T11:46:51+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 11:46:51 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-06-22 07:12:59 +0200 (Thu, 22 Jun 2017)\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for nss USN-3336-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that NSS incorrectly\n handled certain empty SSLv2 messages. A remote attacker could possibly use this\n issue to cause NSS to crash, resulting in a denial of service.\");\n script_tag(name:\"affected\", value:\"nss on Ubuntu 17.04,\n Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3336-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3336-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.04|16\\.10|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.28.4-0ubuntu0.14.04.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.28.4-0ubuntu0.17.04.2\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.28.4-0ubuntu0.16.10.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.28.4-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2017-05-30T00:00:00", "id": "OPENVAS:1361412562310871824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871824", "type": "openvas", "title": "RedHat Update for nss RHSA-2017:1364-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2017:1364-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871824\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-30 15:54:36 +0200 (Tue, 30 May 2017)\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss RHSA-2017:1364-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set\n of libraries designed to support the cross-platform development of\n security-enabled client and server applications.\n\nSecurity Fix(es):\n\n * A null pointer dereference flaw was found in the way NSS handled empty\nSSLv2 messages. An attacker could use this flaw to crash a server\napplication compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n * The Network Security Services (NSS) code and Certificate Authority (CA)\nlist have been updated to meet the recommendations as published with the\nlatest Mozilla Firefox Extended Support Release (ESR). The updated CA list\nimproves compatibility with the certificates that are used in the Internet\nPublic Key Infrastructure (PKI). To avoid certificate validation refusals,\nRed Hat recommends installing the updated CA list on June 12, 2017.\n(BZ#1448488)\");\n script_tag(name:\"affected\", value:\"nss on\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:1364-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-May/msg00044.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~3.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.28.4~3.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~3.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~3.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~3.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "Check the version of nss", "modified": "2019-03-08T00:00:00", "published": "2017-06-01T00:00:00", "id": "OPENVAS:1361412562310882730", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882730", "type": "openvas", "title": "CentOS Update for nss CESA-2017:1365 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2017:1365 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882730\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-01 06:56:14 +0200 (Thu, 01 Jun 2017)\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2017:1365 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of\n libraries designed to support the cross-platform development of security-enabled\n client and server applications. Security Fix(es): * A null pointer dereference\n flaw was found in the way NSS handled empty SSLv2 messages. An attacker could\n use this flaw to crash a server application compiled against the NSS library.\n (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and\n Certificate Authority (CA) list have been updated to meet the recommendations as\n published with the latest Mozilla Firefox Extended Support Release (ESR). The\n updated CA list improves compatibility with the certificates that are used in\n the Internet Public Key Infrastructure (PKI). To avoid certificate validation\n refusals, Red Hat recommends installing the updated CA list on June 12, 2017.\n (BZ#1451421)\");\n script_tag(name:\"affected\", value:\"nss on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:1365\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-May/022451.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~1.2.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~1.2.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.28.4~1.2.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~1.2.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~1.2.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:35:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171108", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1108)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1108\");\n script_version(\"2020-01-23T10:51:15+0000\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:51:15 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:51:15 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1108)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1108\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1108\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'nss' package(s) announced via the EulerOS-SA-2017-1108 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\");\n\n script_tag(name:\"affected\", value:\"'nss' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:34:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171109", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1109)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1109\");\n script_version(\"2020-01-23T10:51:16+0000\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:51:16 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:51:16 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2017-1109)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1109\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1109\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'nss' package(s) announced via the EulerOS-SA-2017-1109 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\");\n\n script_tag(name:\"affected\", value:\"'nss' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~1.2.0.1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7502"], "description": "Check the version of nss", "modified": "2019-03-08T00:00:00", "published": "2017-06-01T00:00:00", "id": "OPENVAS:1361412562310882731", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882731", "type": "openvas", "title": "CentOS Update for nss CESA-2017:1364 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2017:1364 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882731\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-01 06:56:17 +0200 (Thu, 01 Jun 2017)\");\n script_cve_id(\"CVE-2017-7502\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2017:1364 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of\n libraries designed to support the cross-platform development of security-enabled\n client and server applications. Security Fix(es): * A null pointer dereference\n flaw was found in the way NSS handled empty SSLv2 messages. An attacker could\n use this flaw to crash a server application compiled against the NSS library.\n (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and\n Certificate Authority (CA) list have been updated to meet the recommendations as\n published with the latest Mozilla Firefox Extended Support Release (ESR). The\n updated CA list improves compatibility with the certificates that are used in\n the Internet Public Key Infrastructure (PKI). To avoid certificate validation\n refusals, Red Hat recommends installing the updated CA list on June 12, 2017.\n (BZ#1448488)\");\n script_tag(name:\"affected\", value:\"nss on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:1364\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-May/022449.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~3.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~3.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.28.4~3.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~3.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~3.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:40:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5461"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171075", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171075", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for nss, nss-util (EulerOS-SA-2017-1075)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1075\");\n script_version(\"2020-01-23T10:48:21+0000\");\n script_cve_id(\"CVE-2017-5461\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:48:21 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:48:21 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for nss, nss-util (EulerOS-SA-2017-1075)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1075\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1075\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'nss, nss-util' package(s) announced via the EulerOS-SA-2017-1075 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)\");\n\n script_tag(name:\"affected\", value:\"'nss, nss-util' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.28.4~1.0.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.28.4~1.0.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.28.4~1.0.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.28.4~1.0.0.1\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.28.4~1.0\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.28.4~1.0\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:07", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "[3.28.4-3.0.1]\n- Added nss-vendor.patch to change vendor\n- Temporarily disable some tests until expired PayPalEE.cert is renewed\n[3.28.4-3]\n- Fix zero-length record treatment for stream ciphers and SSLv2\n[3.28.4-2]\n- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5", "edition": 4, "modified": "2017-05-30T00:00:00", "published": "2017-05-30T00:00:00", "id": "ELSA-2017-1364", "href": "http://linux.oracle.com/errata/ELSA-2017-1364.html", "title": "nss security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:46", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "[3.28.4-1.2.0.1]\n- Added nss-vendor.patch to change vendor\n[3.28.4-1.2]\n- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5\n[3.28.4-1.1]\n- Fix zero-length record treatment in SSL3_GatherData", "edition": 4, "modified": "2017-05-30T00:00:00", "published": "2017-05-30T00:00:00", "id": "ELSA-2017-1365", "href": "http://linux.oracle.com/errata/ELSA-2017-1365.html", "title": "nss security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:18", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "[3.21.3-2.0.1]\n- Fix out-of-bound issue in base64 encoding/decoding code {CVE-2017-5461}", "edition": 4, "modified": "2017-04-28T00:00:00", "published": "2017-04-28T00:00:00", "id": "ELSA-2017-1101", "href": "http://linux.oracle.com/errata/ELSA-2017-1101.html", "title": "nss security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:32", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "nss\n[3.28.4-1.0.1]\n- Added nss-vendor.patch to change vendor\n- Temporarily disable some tests until expired PayPalEE.cert is renewed\n[3.28.4-1]\n- Rebase to 3.28.4\nnss-util\n[3.28.4-1]\n- Rebase to NSS 3.28.4 to accommodate base64 encoding fix", "edition": 4, "modified": "2017-04-20T00:00:00", "published": "2017-04-20T00:00:00", "id": "ELSA-2017-1100", "href": "http://linux.oracle.com/errata/ELSA-2017-1100.html", "title": "nss and nss-util security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:22", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n* The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488)", "modified": "2018-06-07T18:23:36", "published": "2017-05-30T06:43:30", "id": "RHSA-2017:1364", "href": "https://access.redhat.com/errata/RHSA-2017:1364", "type": "redhat", "title": "(RHSA-2017:1364) Important: nss security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:28", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n* The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)", "modified": "2018-04-12T03:32:43", "published": "2017-05-30T06:43:50", "id": "RHSA-2017:1365", "href": "https://access.redhat.com/errata/RHSA-2017:1365", "type": "redhat", "title": "(RHSA-2017:1365) Important: nss security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:44:53", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "Network Security Services (NSS) is a set of libraries designed to support the\ncross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* An out-of-bounds write flaw was found in the way NSS performed certain\nBase64-decoding operations. An attacker could use this flaw to create a\nspecially crafted certificate which, when parsed by NSS, could cause it to crash\nor execute arbitrary code, using the permissions of the user running an\napplication compiled against the NSS library. (CVE-2017-5461)\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges Ronald Crane as the original reporter.\n", "modified": "2017-09-08T12:09:39", "published": "2017-04-20T04:00:00", "id": "RHSA-2017:1101", "href": "https://access.redhat.com/errata/RHSA-2017:1101", "type": "redhat", "title": "(RHSA-2017:1101) Critical: nss security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.\n\nSecurity Fix(es):\n\n* An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)\n\nRed Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.", "modified": "2017-08-25T03:28:34", "published": "2017-04-20T05:01:41", "id": "RHSA-2017:1102", "href": "https://access.redhat.com/errata/RHSA-2017:1102", "type": "redhat", "title": "(RHSA-2017:1102) Critical: nss-util security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:14", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "Network Security Services (NSS) is a set of libraries designed to support the\ncross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* An out-of-bounds write flaw was found in the way NSS performed certain\nBase64-decoding operations. An attacker could use this flaw to create a\nspecially crafted certificate which, when parsed by NSS, could cause it to crash\nor execute arbitrary code, using the permissions of the user running an\napplication compiled against the NSS library. (CVE-2017-5461)\n\nRed Hat would like to thank the Mozilla project for reporting this issue.\nUpstream acknowledges Ronald Crane as the original reporter.\n", "modified": "2017-09-08T11:53:37", "published": "2017-04-20T04:00:00", "id": "RHSA-2017:1103", "href": "https://access.redhat.com/errata/RHSA-2017:1103", "type": "redhat", "title": "(RHSA-2017:1103) Critical: nss security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nThe nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.\n\nThe following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4).\n\nSecurity Fix(es):\n\n* An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)\n\nRed Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.", "modified": "2018-06-07T18:22:56", "published": "2017-04-20T05:00:25", "id": "RHSA-2017:1100", "href": "https://access.redhat.com/errata/RHSA-2017:1100", "type": "redhat", "title": "(RHSA-2017:1100) Critical: nss and nss-util security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T14:34:43", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000364", "CVE-2017-1000366", "CVE-2017-7502"], "description": "Red Hat Container Development Kit is a platform for developing containerized applications\u2009\u2014\u2009it is a set of tools that enables developers to quickly and easily set up an environment for developing and testing containerized applications on the Red Hat Enterprise Linux platform.\n\nWith this update, Container Development Kit has been updated to 3.0.0-2, which includes an updated Red Hat Enterprise Linux ISO that contains fixes for the following security issues.\n\nSecurity Fix(es):\n\n* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult. (CVE-2017-1000364)\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs running in secure-execution mode and reduces the number of allocations performed by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful exploitation of this issue more difficult. (CVE-2017-1000366)\n\nRed Hat would like to thank Qualys Research Labs for reporting CVE-2017-1000364 and CVE-2017-1000366.", "modified": "2017-06-21T19:02:57", "published": "2017-06-21T19:02:25", "id": "RHSA-2017:1567", "href": "https://access.redhat.com/errata/RHSA-2017:1567", "type": "redhat", "title": "(RHSA-2017:1567) Important: Red Hat Container Development Kit 3.0.0 security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:31:48", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000364", "CVE-2017-1000366", "CVE-2017-7502", "CVE-2017-7512"], "description": "Red Hat 3scale API Management Platform 2.0 is a platform for the management of access and traffic for web-based APIs across a variety of deployment options. \n\nSecurity Fix(es):\n\n* It was found that RH-3scale AMP would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. (CVE-2017-7512)\n\nThe underlying container image was also rebuilt to resolve other security issues. These were addressed via the following errata:\n* https://access.redhat.com/errata/RHSA-2017:1365\n* https://access.redhat.com/errata/RHSA-2017:1481\n* https://access.redhat.com/errata/RHSA-2017:1484\n\nRed Hat would like to thank Ryan Nauman (TruCode) for reporting the CVE-2017-7512 issue.", "modified": "2017-07-06T21:05:37", "published": "2017-07-06T21:04:26", "id": "RHSA-2017:1712", "href": "https://access.redhat.com/errata/RHSA-2017:1712", "type": "redhat", "title": "(RHSA-2017:1712) Important: Red Hat 3scale API Management Platform 2.0.0 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:35:51", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "**CentOS Errata and Security Advisory** CESA-2017:1364\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n* The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-May/034487.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-1364.html", "edition": 4, "modified": "2017-05-31T14:09:07", "published": "2017-05-31T14:09:07", "href": "http://lists.centos.org/pipermail/centos-announce/2017-May/034487.html", "id": "CESA-2017:1364", "title": "nss security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-08T03:39:50", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "**CentOS Errata and Security Advisory** CESA-2017:1365\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)\n\nBug Fix(es):\n\n* The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-May/034489.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-1365.html", "edition": 4, "modified": "2017-05-31T15:14:33", "published": "2017-05-31T15:14:33", "href": "http://lists.centos.org/pipermail/centos-announce/2017-May/034489.html", "id": "CESA-2017:1365", "title": "nss security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-08T03:34:08", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "**CentOS Errata and Security Advisory** CESA-2017:1100\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nThe nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.\n\nThe following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4).\n\nSecurity Fix(es):\n\n* An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)\n\nRed Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Ronald Crane as the original reporter.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-April/034429.html\nhttp://lists.centos.org/pipermail/centos-announce/2017-April/034430.html\nhttp://lists.centos.org/pipermail/centos-announce/2017-April/034434.html\nhttp://lists.centos.org/pipermail/centos-announce/2017-April/034435.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-1100.html", "edition": 4, "modified": "2017-04-20T23:21:13", "published": "2017-04-20T22:43:59", "href": "http://lists.centos.org/pipermail/centos-announce/2017-April/034429.html", "id": "CESA-2017:1100", "title": "nss security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:37:16", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7502"], "description": "**Issue Overview:**\n\nNull pointer dereference when handling empty SSLv2 messages: \nA null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. ([CVE-2017-7502 __](<https://access.redhat.com/security/cve/CVE-2017-7502>))\n\n \n**Affected Packages:** \n\n\nnss\n\n \n**Issue Correction:** \nRun _yum update nss_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n nss-debuginfo-3.28.4-1.2.79.amzn1.i686 \n nss-sysinit-3.28.4-1.2.79.amzn1.i686 \n nss-devel-3.28.4-1.2.79.amzn1.i686 \n nss-pkcs11-devel-3.28.4-1.2.79.amzn1.i686 \n nss-tools-3.28.4-1.2.79.amzn1.i686 \n nss-3.28.4-1.2.79.amzn1.i686 \n \n src: \n nss-3.28.4-1.2.79.amzn1.src \n \n x86_64: \n nss-debuginfo-3.28.4-1.2.79.amzn1.x86_64 \n nss-3.28.4-1.2.79.amzn1.x86_64 \n nss-pkcs11-devel-3.28.4-1.2.79.amzn1.x86_64 \n nss-sysinit-3.28.4-1.2.79.amzn1.x86_64 \n nss-tools-3.28.4-1.2.79.amzn1.x86_64 \n nss-devel-3.28.4-1.2.79.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2017-06-22T19:20:00", "published": "2017-06-22T19:20:00", "id": "ALAS-2017-848", "href": "https://alas.aws.amazon.com/ALAS-2017-848.html", "title": "Important: nss", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-10T12:35:35", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "**Issue Overview:**\n\nAn out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. ([CVE-2017-5461 __](<https://access.redhat.com/security/cve/CVE-2017-5461>))\n\nUpstream acknowledges Ronald Crane as the original reporter.\n\n \n**Affected Packages:** \n\n\nnss, nss-util\n\n \n**Issue Correction:** \nRun _yum update nss_ to update your system. \nRun _yum update nss-util_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n nss-util-debuginfo-3.28.4-1.0.52.amzn1.i686 \n nss-util-3.28.4-1.0.52.amzn1.i686 \n nss-util-devel-3.28.4-1.0.52.amzn1.i686 \n nss-3.28.4-1.0.78.amzn1.i686 \n nss-pkcs11-devel-3.28.4-1.0.78.amzn1.i686 \n nss-debuginfo-3.28.4-1.0.78.amzn1.i686 \n nss-devel-3.28.4-1.0.78.amzn1.i686 \n nss-tools-3.28.4-1.0.78.amzn1.i686 \n nss-sysinit-3.28.4-1.0.78.amzn1.i686 \n \n src: \n nss-util-3.28.4-1.0.52.amzn1.src \n nss-3.28.4-1.0.78.amzn1.src \n \n x86_64: \n nss-util-3.28.4-1.0.52.amzn1.x86_64 \n nss-util-devel-3.28.4-1.0.52.amzn1.x86_64 \n nss-util-debuginfo-3.28.4-1.0.52.amzn1.x86_64 \n nss-sysinit-3.28.4-1.0.78.amzn1.x86_64 \n nss-debuginfo-3.28.4-1.0.78.amzn1.x86_64 \n nss-pkcs11-devel-3.28.4-1.0.78.amzn1.x86_64 \n nss-tools-3.28.4-1.0.78.amzn1.x86_64 \n nss-devel-3.28.4-1.0.78.amzn1.x86_64 \n nss-3.28.4-1.0.78.amzn1.x86_64 \n \n \n", "edition": 5, "modified": "2017-04-27T00:04:00", "published": "2017-04-27T00:04:00", "id": "ALAS-2017-825", "href": "https://alas.aws.amazon.com/ALAS-2017-825.html", "title": "Critical: nss, nss-util", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "Arch Linux Security Advisory ASA-201704-4\n=========================================\n\nSeverity: Critical\nDate : 2017-04-20\nCVE-ID : CVE-2017-5461\nPackage : nss\nType : arbitrary code execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-247\n\nSummary\n=======\n\nThe package nss before version 3.30.1-1 is vulnerable to arbitrary code\nexecution.\n\nResolution\n==========\n\nUpgrade to 3.30.1-1.\n\n# pacman -Syu \"nss>=3.30.1-1\"\n\nThe problem has been fixed upstream in version 3.30.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nAn out-of-bounds write during Base64 decoding operation has been found\nin the Network Security Services (NSS) library due to insufficient\nmemory being allocated to the buffer.\nAn attacker could use this flaw to create a specially crafted\ncertificate which, when parsed by NSS, could cause it to crash or\nexecute arbitrary code, using the permissions of the user running an\napplication compiled against the NSS library. The issue has been fixed\nin releases 3.29.5 and 3.30.1.\n\nImpact\n======\n\nA remote attacker can execute arbitrary code on the affected host,\nusing a specially crafted certificate.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1344380\nhttps://hg.mozilla.org/projects/nss/rev/ac34db053672\nhttps://security.archlinux.org/CVE-2017-5461", "modified": "2017-04-20T00:00:00", "published": "2017-04-20T00:00:00", "id": "ASA-201704-4", "href": "https://security.archlinux.org/ASA-201704-4", "type": "archlinux", "title": "[ASA-201704-4] nss: arbitrary code execution", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-22T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5461"], "description": "Arch Linux Security Advisory ASA-201705-21\n==========================================\n\nSeverity: Critical\nDate : 2017-05-29\nCVE-ID : CVE-2017-5461\nPackage : lib32-nss\nType : arbitrary code execution\nRemote : Yes\nLink : https://security.archlinux.org/AVG-248\n\nSummary\n=======\n\nThe package lib32-nss before version 3.30.2-1 is vulnerable to\narbitrary code execution.\n\nResolution\n==========\n\nUpgrade to 3.30.2-1.\n\n# pacman -Syu \"lib32-nss>=3.30.2-1\"\n\nThe problem has been fixed upstream in version 3.30.2.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nAn out-of-bounds write during Base64 decoding operation has been found\nin the Network Security Services (NSS) library due to insufficient\nmemory being allocated to the buffer.\nAn attacker could use this flaw to create a specially crafted\ncertificate which, when parsed by NSS, could cause it to crash or\nexecute arbitrary code, using the permissions of the user running an\napplication compiled against the NSS library. The issue has been fixed\nin releases 3.29.5 and 3.30.1.\n\nImpact\n======\n\nA remote attacker can execute arbitrary code on the affected host,\nusing a specially crafted certificate.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1344380\nhttps://hg.mozilla.org/projects/nss/rev/ac34db053672\nhttps://security.archlinux.org/CVE-2017-5461", "modified": "2017-05-29T00:00:00", "published": "2017-05-29T00:00:00", "id": "ASA-201705-21", "href": "https://security.archlinux.org/ASA-201705-21", "type": "archlinux", "title": "[ASA-201705-21] lib32-nss: arbitrary code execution", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "symantec": [{"lastseen": "2020-12-24T10:41:08", "bulletinFamily": "software", "cvelist": ["CVE-2017-5461"], "description": "### SUMMARY\n\nSymantec Network Protection products using affected versions of NSS are susceptible to a security vulnerability. A remote attacker can send crafted Base64-encoded data and execute arbitrary code or cause denial of service through an application crash. \n \n\n\n### AFFECTED PRODUCTS \n\nThe following products are vulnerable:\n\n**Director** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 6.1 | Upgrade to a version of MC with the fixes. \n \n \n\n****PacketShaper (PS) S-Series**** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 11.9 and later | Not vulnerable, fixed in 11.9.1.1 \n11.8 | Upgrade to later release with fixes. \n11.7 | Upgrade to later release with fixes. \n11.6 | Upgrade to 11.6.4.2. \n11.5 | Upgrade to later release with fixes. \n \n \n\n**PolicyCenter (PC) S-Series** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 1.1 | Upgrade to 1.1.4.2. \n \n \n\n**Security Analytics** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 8.0 and later | Not vulnerable, fixed in 8.0.1. \n7.3 | Upgrade to 7.3.2. \n7.2 | Not available at this time \n7.1 | Upgrade to later release with fixes. \n \n \n\n**SSL Visibility (SSLV)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 4.2 and later | Not vulnerable, fixed in 4.2.1.1 \n4.1 | Upgrade to later release with fixes. \n4.0 | Upgrade to later release with fixes. \n3.x | Not vulnerable \n \n \n\n**X-Series XOS** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 9.7, 10.0, 11.0 | A fix will not be provided. \n \n \n\nThe following products have a vulnerable version of NSS, but are not vulnerable to known vectors of attack:\n\n**Advanced Secure Gateway (ASG)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 7.1 and later | Not vulnerable, fixed in 7.1.1.1 \n6.7 | Upgrade to 6.7.3.1. \n6.6 | Upgrade to 6.6.5.10. \n \n \n\n**Content Analysis (CA)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 2.2 and later | Not vulnerable, fixed in 2.2.1.1 \n2.1 | Upgrade to later release with fixes. \n1.3 | Fixed in 1.3.7.8. \n \n \n\n**Mail Threat Defense (MTD)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 1.1 | Upgrade to a version of CAS and SMG with the fixes. \n \n \n\n**Management Center (MC)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 1.11 and later | Not vulnerable, fixed in 1.11.1.1 \n1.10 | Upgrade to later release with fixes. \n1.9 | Upgrade to later release with fixes. \n \n \n\n**Reporter** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 10.2 and later | Not vulnerable, fixed in 10.2.1.1 \n10.1 | Upgrade to 10.1.5.5. \n9.5 | Not vulnerable \n9.4 | Not vulnerable. \n \n \n\n### ADDITIONAL PRODUCT INFORMATION\n\nPacketShaper S-Series and PolicyCenter S-Series are only vulnerable through LDAPS client connections.\n\nThe following products are not vulnerable: \n**Android Mobile Agent \nAuthConnector \nBCAAA \nBlue Coat HSM Agent for the Luna SP \nCacheFlow \nClient Connector \n**Cloud Data Protection for Salesforce \nCloud Data Protection for Salesforce Analytics \nCloud Data Protection for ServiceNow \nCloud Data Protection for Oracle CRM On Demand \nCloud Data Protection for Oracle Field Service Cloud \nCloud Data Protection for Oracle Sales Cloud \nCloud Data Protection Integration Server \nCloud Data Protection Communication Server \nCloud Data Protection Policy Builder** \nGeneral Auth Connector Login Application \nIntelligenceCenter \nIntelligenceCenter Data Collector \nK9 \n**Malware Analysis** \n**Norman Shark Industrial Control System Protection** \nPacketShaper** \n**PolicyCenter \n**ProxyAV** \nProxyAV ConLog and ConLogXP** \n**ProxyClient \nProxySG \nUnified Agent \nWeb Isolation \n \n**\n\n### ISSUES \n\n**CVE-2017-5461** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 98050](<http://www.securityfocus.com/bid/98050>) / NVD: [CVE-2017-5461](<https://nvd.nist.gov/vuln/detail/CVE-2017-5461>) \n**Impact** | Denial of service, code execution \n**Description** | An out-of-bounds write flaw in the Base64 encoder/decoder allows a remote attacker to send crafted Base64 data, such as an X.509 certificate, and cause denial of service through an application crash. The attacker could also execute arbitrary code with the permission of the application using NSS. \n \n \n\n### MITIGATION\n\nBy default, Director, Security Analytics, and XOS do not use NSS to parse Base64 data from external sources. Customers who leave this behavior unchanged prevent attacks against these products using CVE-2017-5461.\n\nCVE-2017-5461 only affects LDAPS client connections in PacketShaper S-Series and PolicyCenter S-Series. Deploying these products in a secure, trusted network reduces the threat of exploiting this vulnerability. \n \n\n\n### REFERENCES \n\nMFSA 2017-10 - <https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/> \n \n\n\n### REVISION \n\n2020-11-18 A fix for MTD 1.1 will not be provided. Please upgrade to a version of CAS and SMG with the vulnerability fixes. A fix for XOS 9.7, 10.0, and 11.0 will not be provided. A fix for Director 6.1 will not be provided. Please upgrade to a version of MC with the vulnerability fixes. \n2020-04-17 Advanced Secure Gateway (ASG) 7.1 and later versions are not vulnerable because a fix is available in 7.1.1.1. \n2019-10-02 Web Isolation is not vulnerable. \n2019-01-21 A fix for Security Analytics 7.3 is available in 7.3.2. Security Analytics 8.0 is not vulnerable because a fix is available in 8.0.1. \n2019-01-12 A fix for Security Analytics 7.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-01-11 A fix for CA 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-10-25 A fix for CA 1.3 is available in 1.3.7.8. \n2018-08-07 A fix for CA 1.3 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-06-26 A fix for SSLV 4.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-26 A fix for SSLV 4.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-25 A fix for XOS 9.7 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-22 CA 2.3 is not vulnerable. PacketShaper S-Series 11.10 is not vulnerable. Reporter 10.2 is not vulnerable because a fix is available in 10.2.1.1. \n2018-04-12 A fix for Reporter 10.1 is available in 10.1.5.5. \n2018-01-31 A fix for ASG 6.7 is avaialble in 6.7.3.1. \n2017-12-13 A fix for PS S-Series 11.6 is available in 11.6.4.2. \n2017-12-12 A fix for PC S-Series 1.1 is available in 1.1.4.2. \n2017-11-16 A fix for PS S-Series 11.5, 11.7, and 11.8 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-11-15 SSLV 4.2 is not vulnerable because a fix is available in 4.2.1.1. \n2017-11-09 MC 1.11 is not vulnerable because a fix is available in 1.11.1.1. A fix for MC 1.10 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-11-08 CAS 2.2 is not vulnerable because a fix is available in 2.2.1.1. \n2017-11-06 ASG 6.7 has a vulnerable version of NSS, but is not vulnerable to known vectors of attack. \n2017-08-03 SSLV 4.1 is vulnerable. \n2017-06-22 Security Analytics 7.3 is vulnerable.2017-07-23 MC 1.10 has a vulnerable version of NSS, but is not vulnerable to known vectors of attack. A fix for MC 1.9 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-06-26 A fix for ASG 6.6 is available in 6.6.5.10. \n2017-06-22 Security Analytics 7.3 is vulnerable. \n2017-06-05 PS S-Series 11.8 has a vulnerable version of NSS. \n2017-05-25 initial public release\n", "modified": "2020-12-22T03:55:56", "published": "2017-05-25T08:00:00", "id": "SMNTC-1405", "href": "", "type": "symantec", "title": "SA150: NSS Vulnerability April 2017", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T10:41:05", "bulletinFamily": "software", "cvelist": ["CVE-2017-5462", "CVE-2017-7502"], "description": "### SUMMARY\n\nSymantec Network Protection products using affected versions of NSS are susceptible to two security vulnerabilities. A remote attacker can send empty SSLv2 messages and cause denial of service through application crashes. An attacker can also have unspecified impact by exploiting a computational flaw in the NSS DRBG implementation that may reduce the entropy of DRBG generated random data. \n \n\n\n### AFFECTED PRODUCTS\n\nThe following products are vulnerable:\n\n**Director** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 6.1 | Upgrade to a version of MC with the fixes. \n \n \n\n**Security Analytics** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 8.0 and later | Not vulnerable, fixed in 8.0.1. \n7.3 | Upgrade to 7.3.2. \n7.2 | Not available at this time. \n7.1 | Upgrade to later release with fixes. \n \n \n\nThe following products have a vulnerable version of NSS, but are not vulnerable to known vectors of attack:\n\n**Advanced Secure Gateway (ASG)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 7.1 and later | Not vulnerable, fixed in 7.1.1.1. \n6.7 | Upgrade to 6.7.3.1. \n6.6 | Upgrade to later release with fixes. \n \n \n\n**Content Analysis (CA)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 2.2 and later | Not vulnerable, fixed in 2.2.1.1 \n2.1 | Upgrade to later release with fixes. \n1.3 | Upgrade to later release with fixes. \n \n \n\n**Mail Threat Defense (MTD)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 1.1 | Upgrade to a version of CAS and SMG with the fixes. \n \n \n\n**Management Center (MC)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 1.11 and later | Not vulnerable, fixed in 1.11.1.1 \n1.10 | Upgrade to later release with fixes. \n \n \n\n**PacketShaper (PS) S-Series** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 11.9 and later | Not vulnerable, fixed in 11.9.1.1 \n11.8 | Upgrade to later release with fixes. \n11.7 | Upgrade to later release with fixes. \n11.6 | Upgrade to 11.6.4.2. \n11.5 | Upgrade to later release with fixes. \n \n \n\n**PolicyCenter (PC) S-Series** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 1.1 | Upgrade to 1.1.4.2. \n \n \n\n**Reporter** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 10.2 and later | Not vulnerable, fixed in 10.2.1.1 \n10.1 | Upgrade to 10.1.5.5. \n9.5 | Not vulnerable \n \n \n\n**SSL Visibility (SSLV)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2017-7502 | 4.2 and later | Not vulnerable, fixed in 4.2.1.1 \n4.1 | Upgrade to later release with fixes. \n4.0 | Upgrade to later release with fixes. \n3.x | Not vulnerable \n \n### \nADDITIONAL PRODUCT INFORMATION\n\nThe following products are not vulnerable: \n**Android Mobile Agent \nAuthConnector \nBCAAA \nBlue Coat HSM Agent for the Luna SP \nCacheFlow \nClient Connector \n**Cloud Data Protection for Salesforce \nCloud Data Protection for Salesforce Analytics \nCloud Data Protection for ServiceNow \nCloud Data Protection for Oracle CRM On Demand \nCloud Data Protection for Oracle Field Service Cloud \nCloud Data Protection for Oracle Sales Cloud \nCloud Data Protection Integration Server \nCloud Data Protection Communication Server \nCloud Data Protection Policy Builder** \nGeneral Auth Connector Login Application \nIntelligenceCenter \nIntelligenceCenter Data Collector \nK9 \n****Malware Analysis** \nNorman Shark Industrial Control System Protection** \n****PacketShaper \nPolicyCenter** \nProxyAV \nProxyAV ConLog and ConLogXP** \nProxyClient \n**ProxySG** \nUnified Agent \nWeb Isolation**\n\nThe following products are under investigation: \n**X-Series XOS**\n\n### \nISSUES\n\n**CVE-2017-5462** \n--- \n**Severity / CVSSv2** | Medium / 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n**References** | SecurityFocus: [BID 97940](<https://www.securityfocus.com/bid/97940>) / Red Hat: [CVE-2017-5462](<https://access.redhat.com/security/cve/cve-2017-5462>) \n**Impact** | Unspecified \n**Description** | A computational flaw in the DRBG implementation may affect the entropy of DRBG generated random data. An attacker can exploit this vulnerability to have unspecified impact. \n \n \n\n**CVE-2017-7502** \n--- \n**Severity / CVSSv2** | Medium / 4.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n**References** | SecurityFocus: [BID 98744](<http://www.securityfocus.com/bid/98744>) / NVD: [CVE-2017-7502](<https://nvd.nist.gov/vuln/detail/CVE-2017-7502>) \n**Impact** | Denial of service \n**Description** | A NULL pointer dereference flaw in the SSL server implementation allows a remote attacker to send empty SSLv2 messages and cause the SSL server application using NSS to crash. \n \n### \nMITIGATION\n\nBy default, Director and Security Analytics do not use NSS as an SSL/TLS server. Customers who leave this behavior unchanged prevent attacks against these products using CVE-2017-7502.\n\nSymantec's ProxySG appliance can be used to protect SSL/TLS servers against attacks using CVE-2017-7502. Customers using ProxySG as a forward or reverse proxy can block SSLv2 connections using the following CPL syntax:\n \n \n <SSL>\n client.connection.negotiated_ssl_version=SSLV2 deny\n <SSL>\n server.connection.negotiated_ssl_version=SSLV2 deny\n \n\n### \nREFERENCES\n\nMFSA 2017-10 (CVE-2017-5462) - <https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/>\n\n### \nREVISION\n\n2020-11-18 A fix for MTD 1.1 will not be provided. Please upgrade to a version of CAS and SMG with the vulnerability fixes. A fix for Director 6.1 will not be provided. Please upgrade to a version of MC with the vulnerability fixes. \n2020-04-17 Advanced Secure Gateway (ASG) 7.1 and later releases are not vulnerable because a fix is available in 7.1.1.1. \n2019-10-02 Web Isolation is not vulnerable. \n2019-08-07 A fix for ASG 6.6 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-01-21 A fix for Security Analytics 7.3 is available in 7.3.2. Security Analytics 8.0 is not vulnerable because a fix is available in 8.0.1. \n2019-01-12 A fix for Security Analytics 7.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-01-11 A fix for CA 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. Added remaining CVSS v2 scores from NVD. \n2018-08-13 A fix for CA 1.3 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-06-26 A fix for CVE-2017-7502 in SSLV 4.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-26 A fix for SSLV 4.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-22 CA 2.3 is not vulnerable. PacketShaper S-Series 11.10 is not vulnerable. Reporter 10.2 is not vulnerable because a fix is available in 10.2.1.1. \n2018-04-12 A fix for Reporter 10.1 is available in 10.1.5.5. \n2018-01-31 A fix for ASG 6.7 is avaialble in 6.7.3.1. \n2017-12-13 A fix for PS S-Series 11.6 is available in 11.6.4.2. \n2017-12-12 A fix for PC S-Series 1.1 is available in 1.1.4.2. \n2017-11-15 SSLV 4.2 is not vulnerable because a fix is available in 4.2.1.1. \n2017-11-09 MC 1.11 is not vulnerable because a fix is available in 1.11.1.1. A fix for MC 1.10 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-11-08 CA 2.2 is not vulnerable because a fix is available in 2.2.1.1. \n2017-11-06 ASG 6.7 has a vulnerable version of NSS, but is not vulnerable to known vectors of attack. \n2017-08-03 SSLV 4.1 has a vulnerable version of NSS, but is not vulnerable to known vectors of attack. \n2017-07-25 PS S-Series 11.9 is not vulnerable because a fix is available in 11.9.1.1. \n2017-07-13 initial public release\n", "modified": "2020-12-22T03:52:21", "published": "2017-07-13T08:00:00", "id": "SMNTC-1409", "href": "", "type": "symantec", "title": "SA153: NSS Vulnerabilities Apr-May 2017", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:18", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-5461"], "description": "\nMozilla Foundation reports:\n\nAn out-of-bounds write during Base64 decoding operation\n\t in the Network Security Services (NSS) library due to\n\t insufficient memory being allocated to the buffer. This\n\t results in a potentially exploitable crash. The NSS library\n\t has been updated to fix this issue to address this issue and\n\t Firefox 53 has been updated with NSS version 3.29.5.\n\n\nA flaw in DRBG number generation within the Network\n\t Security Services (NSS) library where the internal state V\n\t does not correctly carry bits over. The NSS library has been\n\t updated to fix this issue to address this issue and Firefox\n\t 53 has been updated with NSS version 3.29.5.\n\n", "edition": 5, "modified": "2017-03-17T00:00:00", "published": "2017-03-17T00:00:00", "id": "4CB165F0-6E48-423E-8147-92255D35C0F7", "href": "https://vuxml.freebsd.org/freebsd/4cb165f0-6e48-423e-8147-92255d35c0f7.html", "title": "NSS -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2017-05-07T21:20:39", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5462", "CVE-2017-5461"], "description": "### Background\n\nThe Mozilla Network Security Service (NSS) is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. \n\n### Description\n\nMultiple vulnerabilities have been discovered in NSS. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or view sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.29.5\"", "edition": 1, "modified": "2017-05-07T00:00:00", "published": "2017-05-07T00:00:00", "href": "https://security.gentoo.org/glsa/201705-04", "id": "GLSA-201705-04", "title": "Mozilla Network Security Service (NSS): Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 0.0, "vector": "NONE"}}], "suse": [{"lastseen": "2017-04-24T23:18:57", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5446", "CVE-2017-5465", "CVE-2017-5429", "CVE-2017-5447", "CVE-2017-5466", "CVE-2017-5444", "CVE-2017-5467", "CVE-2017-5460", "CVE-2017-5449", "CVE-2017-5461", "CVE-2017-5448", "CVE-2017-5443", "CVE-2017-5464"], "edition": 1, "description": "Mozilla Firefox was updated to Firefox 52.1.0esr.\n\n The following vulnerabilities were fixed (bsc#1035082):\n\n - CVE-2017-5443: Out-of-bounds write during BinHex decoding\n - CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,\n and Firefox ESR 52.1\n - CVE-2017-5464: Memory corruption with accessibility and DOM manipulation\n - CVE-2017-5465: Out-of-bounds read in ConvolvePixel\n - CVE-2017-5466: Origin confusion when reloading isolated data:text/html\n URL\n - CVE-2017-5467: Memory corruption when drawing Skia content\n - CVE-2017-5460: Use-after-free in frame selection\n - CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS\n - CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor\n - CVE-2017-5449: Crash during bidirectional unicode manipulation with\n animation\n - CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with\n incorrect data\n - CVE-2017-5447: Out-of-bounds read during glyph processing\n - CVE-2017-5444: Buffer overflow while parsing\n application/http-index-format content\n\n The package is now following the ESR 52 branch:\n\n - Enable plugin support by default\n - service workers are disabled by default\n - push notifications are disabled by default\n - WebAssembly (wasm) is disabled\n - Less use of multiprocess architecture Electrolysis (e10s)\n\n", "modified": "2017-04-25T00:08:46", "published": "2017-04-25T00:08:46", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html", "id": "OPENSUSE-SU-2017:1099-1", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-05-04T13:19:28", "bulletinFamily": "unix", "cvelist": ["CVE-2016-8635", "CVE-2017-5462", "CVE-2017-5436", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5446", "CVE-2017-5434", "CVE-2017-5465", "CVE-2017-5429", "CVE-2017-5440", "CVE-2016-2834", "CVE-2017-5435", "CVE-2017-5432", "CVE-2017-5469", "CVE-2016-9574", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5445", "CVE-2017-5433", "CVE-2017-5447", "CVE-2017-5444", "CVE-2017-5460", "CVE-2016-1950", "CVE-2017-5461", "CVE-2017-5437", "CVE-2017-5448", "CVE-2017-5459", "CVE-2017-5443", "CVE-2017-5464"], "description": "Mozilla Firefox was updated to the Firefox ESR release 45.9.\n\n Mozilla NSS was updated to support TLS 1.3 (close to release draft) and\n various new ciphers, PRFs, Diffie Hellman key agreement and support for\n more hashes.\n\n Security issues fixed in Firefox (bsc#1035082)\n\n - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated\n code\n - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53,\n Firefox ESR 45.9, and Firefox ESR 52.1\n - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during\n XSLT processing\n - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT\n processing\n - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library\n - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in\n Graphite 2\n - MFSA 2017-11/CVE-2017-5435: Use-after-free during transaction processing\n in the editor\n - MFSA 2017-11/CVE-2017-5434: Use-after-free during focus handling\n - MFSA 2017-11/CVE-2017-5433: Use-after-free in SMIL animation functions\n - MFSA 2017-11/CVE-2017-5432: Use-after-free in text input selection\n - MFSA 2017-11/CVE-2017-5464: Memory corruption with accessibility and DOM\n manipulation\n - MFSA 2017-11/CVE-2017-5465: Out-of-bounds read in ConvolvePixel\n - MFSA 2017-11/CVE-2017-5460: Use-after-free in frame selection\n - MFSA 2017-11/CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor\n - MFSA 2017-11/CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames\n are sent with incorrect data\n - MFSA 2017-11/CVE-2017-5447: Out-of-bounds read during glyph processing\n - MFSA 2017-11/CVE-2017-5444: Buffer overflow while parsing\n application/http-index-format content\n - MFSA 2017-11/CVE-2017-5445: Uninitialized values used while parsing\n application/http-index-format content\n - MFSA 2017-11/CVE-2017-5442: Use-after-free during style changes\n - MFSA 2017-11/CVE-2017-5443: Out-of-bounds write during BinHex decoding\n - MFSA 2017-11/CVE-2017-5440: Use-after-free in txExecutionState\n destructor during XSLT processing\n - MFSA 2017-11/CVE-2017-5441: Use-after-free with selection during scroll\n events\n - MFSA 2017-11/CVE-2017-5459: Buffer overflow in WebGL\n\n Mozilla NSS was updated to 3.29.5, bringing new features and fixing bugs:\n\n - Update to NSS 3.29.5:\n * MFSA 2017-11/CVE-2017-5461: Rare crashes in the base 64 decoder and\n encoder were fixed.\n * MFSA 2017-11/CVE-2017-5462: A carry over bug in the RNG was fixed.\n * CVE-2016-9574: Remote DoS during session handshake when using\n SessionTicket extention and ECDHE-ECDSA (bsc#1015499).\n * requires NSPR >= 4.13.1\n\n - Update to NSS 3.29.3\n\n * enables TLS 1.3 by default\n\n - Fixed a bug in hash computation (and build with GCC 7 which complains\n about shifts of boolean values). (bsc#1030071, bmo#1348767)\n\n - Update to NSS 3.28.3\n\n This is a patch release to fix binary compatibility issues.\n\n - Update to NSS 3.28.1\n\n This is a patch release to update the list of root CA certificates.\n\n * The following CA certificates were Removed\n\n CN = Buypass Class 2 CA 1 CN = Root CA Generalitat Valenciana OU = RSA\n Security 2048 V3\n\n * The following CA certificates were Added\n\n OU = AC RAIZ FNMT-RCM CN = Amazon Root CA 1 CN = Amazon Root CA 2 CN =\n Amazon Root CA 3 CN = Amazon Root CA 4 CN = LuxTrust Global Root 2 CN =\n Symantec Class 1 Public Primary Certification Authority - G4 CN = Symantec\n Class 1 Public Primary Certification Authority - G6 CN = Symantec Class 2\n Public Primary Certification Authority - G4 CN = Symantec Class 2 Public\n Primary Certification Authority - G6\n\n * The version number of the updated root CA list has been set to 2.11\n\n - Update to NSS 3.28\n\n New functionality:\n\n * NSS includes support for TLS 1.3 draft -18. This includes a number\n of improvements to TLS 1.3:\n\n - The signed certificate timestamp, used in certificate transparency,\n is supported in TLS 1.3.\n - Key exporters for TLS 1.3 are supported. This includes the early key\n exporter, which can be used if 0-RTT is enabled. Note that there is\n a difference between TLS 1.3 and key exporters in older versions of\n TLS. TLS 1.3 does not distinguish between an empty context and no\n context.\n - The TLS 1.3 (draft) protocol can be enabled, by defining\n NSS_ENABLE_TLS_1_3=1 when building NSS.\n - NSS includes support for the X25519 key exchange algorithm, which is\n supported and enabled by default in all versions of TLS.\n\n Notable Changes:\n\n * NSS can no longer be compiled with support for additional elliptic\n curves. This was previously possible by replacing certain NSS source\n files.\n * NSS will now detect the presence of tokens that support additional\n elliptic curves and enable those curves for use in TLS. Note that this\n detection has a one-off performance cost, which can be avoided by\n using the SSL_NamedGroupConfig function to limit supported groups to\n those that NSS provides.\n * PKCS#11 bypass for TLS is no longer supported and has been removed.\n * Support for "export" grade SSL/TLS cipher suites has been removed.\n * NSS now uses the signature schemes definition in TLS 1.3. This also\n affects TLS 1.2. NSS will now only generate signatures with the\n combinations of hash and signature scheme that are defined in TLS 1.3,\n even when negotiating TLS 1.2.\n\n - This means that SHA-256 will only be used with P-256 ECDSA\n certificates, SHA-384 with P-384 certificates, and SHA-512 with\n P-521 certificates. SHA-1 is permitted (in TLS 1.2 only) with any\n certificate for backward compatibility reasons.\n - NSS will now no longer assume that default signature schemes are\n supported by a peer if there was no commonly supported signature\n scheme.\n\n * NSS will now check if RSA-PSS signing is supported by the token that\n holds the private key prior to using it for TLS.\n * The certificate validation code contains checks to no longer trust\n certificates that are issued by old WoSign and StartCom CAs after\n October 21, 2016. This is equivalent to the behavior that Mozilla will\n release with Firefox 51.\n\n - Update to NSS 3.27.2\n * Fixed SSL_SetTrustAnchors leaks (bmo#1318561)\n\n - raised the minimum softokn/freebl version to 3.28 as reported in\n (boo#1021636)\n\n - Update to NSS 3.26.2\n\n New Functionality:\n\n * the selfserv test utility has been enhanced to support ALPN (HTTP/1.1)\n and 0-RTT\n * added support for the System-wide crypto policy available on Fedora\n Linux see <a rel=\"nofollow\" href=\"http://fedoraproject.org/wiki/Changes/CryptoPolicy\">http://fedoraproject.org/wiki/Changes/CryptoPolicy</a>\n * introduced build flag NSS_DISABLE_LIBPKIX that allows compilation\n of NSS without the libpkix library\n\n Notable Changes:\n\n * The following CA certificate was Added CN = ISRG Root X1\n * NPN is disabled and ALPN is enabled by default\n * the NSS test suite now completes with the experimental TLS 1.3 code\n enabled\n * several test improvements and additions, including a NIST known answer\n test\n\n Changes in 3.26.2\n * MD5 signature algorithms sent by the server in CertificateRequest\n messages are now properly ignored. Previously, with rare server\n configurations, an MD5 signature algorithm might have been selected\n for client authentication and caused the client to abort the\n connection soon after.\n\n - Update to NSS 3.25\n\n New functionality:\n\n * Implemented DHE key agreement for TLS 1.3\n * Added support for ChaCha with TLS 1.3\n * Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF\n * In previous versions, when using client authentication with TLS 1.2,\n NSS only supported certificate_verify messages that used the same\n signature hash algorithm as used by the PRF. This limitation has been\n removed.\n\n Notable changes:\n\n * An SSL socket can no longer be configured to allow both TLS 1.3 and\n SSLv3\n * Regression fix: NSS no longer reports a failure if an application\n attempts to disable the SSLv2 protocol.\n * The list of trusted CA certificates has been updated to version 2.8\n * The following CA certificate was Removed Sonera Class1 CA\n * The following CA certificates were Added Hellenic Academic and\n Research Institutions RootCA 2015 Hellenic Academic and Research\n Institutions ECC RootCA 2015 Certplus Root CA G1 Certplus Root CA G2\n OpenTrust Root CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3\n\n - Update to NSS 3.24\n\n New functionality:\n\n * NSS softoken has been updated with the latest National Institute\n of Standards and Technology (NIST) guidance (as of 2015):\n - Software integrity checks and POST functions are executed on shared\n library load. These checks have been disabled by default, as they\n can cause a performance regression. To enable these checks, you must\n define symbol NSS_FORCE_FIPS when building NSS.\n - Counter mode and Galois/Counter Mode (GCM) have checks to prevent\n counter overflow.\n - Additional CSPs are zeroed in the code.\n - NSS softoken uses new guidance for how many Rabin-Miller tests are\n needed to verify a prime based on prime size.\n * NSS softoken has also been updated to allow NSS to run in FIPS Level 1\n (no password). This mode is triggered by setting the database password\n to the empty string. In FIPS mode, you may move from Level 1 to Level\n 2 (by setting an appropriate password), but not the reverse.\n * A SSL_ConfigServerCert function has been added for configuring SSL/TLS\n server sockets with a certificate and private key. Use this new\n function in place of SSL_ConfigSecureServer,\n SSL_ConfigSecureServerWithCertChain, SSL_SetStapledOCSPResponses, and\n SSL_SetSignedCertTimestamps. SSL_ConfigServerCert automatically\n determines the certificate type from the certificate and private key.\n The caller is no longer required to use SSLKEAType explicitly to\n select a "slot" into which the certificate is configured (which\n incorrectly identifies a key agreement type rather than a\n certificate). Separate functions for configuring Online Certificate\n Status Protocol (OCSP) responses or Signed Certificate Timestamps are\n not needed, since these can be added to the optional\n SSLExtraServerCertData struct provided to SSL_ConfigServerCert. Also,\n partial support for RSA Probabilistic Signature Scheme (RSA-PSS)\n certificates has been added. Although these certificates can be\n configured, they will not be used by NSS in this version.\n * Deprecate the member attribute authAlgorithm of type\n SSLCipherSuiteInfo. Instead, applications should use the newly added\n attribute authType.\n * Add a shared library (libfreeblpriv3) on Linux platforms that define\n FREEBL_LOWHASH.\n * Remove most code related to SSL v2, including the ability to actively\n send a SSLv2-compatible client hello. However, the server-side\n implementation of the SSL/TLS protocol still supports processing\n of received v2-compatible client hello messages.\n * Disable (by default) NSS support in optimized builds for logging\n SSL/TLS key material to a logfile if the SSLKEYLOGFILE environment\n variable is set. To enable the functionality in optimized builds, you\n must define the symbol NSS_ALLOW_SSLKEYLOGFILE when building NSS.\n * Update NSS to protect it against the Cachebleed attack.\n * Disable support for DTLS compression.\n * Improve support for TLS 1.3. This includes support for DTLS 1.3. Note\n that TLS 1.3 support is experimental and not suitable for production\n use.\n\n - Update to NSS 3.23\n\n New functionality:\n\n * ChaCha20/Poly1305 cipher and TLS cipher suites now supported\n * Experimental-only support TLS 1.3 1-RTT mode (draft-11). This code is\n not ready for production use.\n\n Notable changes:\n\n * The list of TLS extensions sent in the TLS handshake has been\n reordered to increase compatibility of the Extended Master Secret with\n with servers\n * The build time environment variable NSS_ENABLE_ZLIB has been renamed\n to NSS_SSL_ENABLE_ZLIB\n * The build time environment variable NSS_DISABLE_CHACHAPOLY was added,\n which can be used to prevent compilation of the ChaCha20/Poly1305 code.\n * The following CA certificates were Removed\n\n - Staat der Nederlanden Root CA\n - NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado\n - NetLock Kozjegyzoi (Class A) Tanusitvanykiado\n - NetLock Uzleti (Class B) Tanusitvanykiado\n - NetLock Expressz (Class C) Tanusitvanykiado\n - VeriSign Class 1 Public PCA - G2\n - VeriSign Class 3 Public PCA\n - VeriSign Class 3 Public PCA - G2\n - CA Disig\n\n * The following CA certificates were Added\n\n + SZAFIR ROOT CA2\n + Certum Trusted Network CA 2\n\n * The following CA certificate had the Email trust bit turned on\n\n + Actalis Authentication Root CA\n\n Security fixes:\n * CVE-2016-2834: Memory safety bugs (boo#983639) MFSA-2016-61\n bmo#1206283 bmo#1221620 bmo#1241034 bmo#1241037\n\n - Update to NSS 3.22.3\n * Increase compatibility of TLS extended master secret, don't send an\n empty TLS extension last in the handshake (bmo#1243641)\n * Fixed a heap-based buffer overflow related to the parsing of certain\n ASN.1 structures. An attacker could create a specially-crafted\n certificate which, when parsed by NSS, would cause a crash or\n execution of arbitrary code with the permissions of the user.\n (CVE-2016-1950, bmo#1245528)\n\n - Update to NSS 3.22.2\n\n New functionality:\n\n * RSA-PSS signatures are now supported (bmo#1215295)\n * Pseudorandom functions based on hashes other than SHA-1 are now\n supported\n * Enforce an External Policy on NSS from a config file (bmo#1009429)\n\n - CVE-2016-8635: Fix for DH small subgroup confinement attack (bsc#1015547)\n\n Mozilla NSPR was updated to version 4.13.1:\n\n The previously released version 4.13 had changed pipes to be nonblocking\n by default, and as a consequence, PollEvent was changed to not block on\n clear. The NSPR development team received reports that these changes\n caused regressions in some applications that use NSPR, and it has been\n decided to revert the changes made in NSPR 4.13. NSPR 4.13.1 restores the\n traditional behavior of pipes and PollEvent.\n\n Mozilla NSPR update to version 4.13 had these changes:\n\n - PL_strcmp (and others) were fixed to return consistent results when one\n of the arguments is NULL.\n - PollEvent was fixed to not block on clear.\n - Pipes are always nonblocking.\n - PR_GetNameForIdentity: added thread safety lock and bound checks.\n - Removed the PLArena freelist.\n - Avoid some integer overflows.\n - fixed several comments.\n\n", "edition": 1, "modified": "2017-05-04T15:13:58", "published": "2017-05-04T15:13:58", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00010.html", "id": "SUSE-SU-2017:1175-1", "title": "Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (important)", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}