ID: REDHAT-RHSA-2014-1246.NASL
Type: nessus
Reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified: 2014-09-16T00:00:00

Description
Updated nss and nspr packages that fix multiple security issues,
several bugs, and add various enhancements are now available for Red
Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Network Security Services (NSS) is a set of libraries designed to
support the cross-platform development of security-enabled client and
server applications.

A flaw was found in the way TLS False Start was implemented in NSS. An
attacker could use this flaw to potentially return unencrypted
information from the server. (CVE-2013-1740)

A race condition was found in the way NSS implemented session ticket
handling as specified by RFC 5077. An attacker could use this flaw to
crash an application using NSS or, in rare cases, execute arbitrary
code with the privileges of the user running that application.
(CVE-2014-1490)

It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)
parameters. This could possibly lead to weak encryption being used in
communication between the client and the server. (CVE-2014-1491)

An out-of-bounds write flaw was found in NSPR. A remote attacker could
potentially use this flaw to crash an application using NSPR or,
possibly, execute arbitrary code with the privileges of the user
running that application. This NSPR flaw was not exposed to web
content in any shipped version of Firefox. (CVE-2014-1545)

It was found that the implementation of Internationalizing Domain
Names in Applications (IDNA) hostname matching in NSS did not follow
the RFC 6125 recommendations. This could lead to certain invalid
certificates with international characters to be accepted as valid.
(CVE-2014-1492)

Red Hat would like to thank the Mozilla project for reporting the
CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream
acknowledges Brian Smith as the original reporter of CVE-2014-1490,
Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original
reporters of CVE-2014-1491, and Abhishek Arya as the original reporter
of CVE-2014-1545.

The nss and nspr packages have been upgraded to upstream version
3.16.1 and 4.10.6 respectively, which provide a number of bug fixes
and enhancements over the previous versions. (BZ#1110857, BZ#1110860)

This update also fixes the following bugs :

* Previously, when the output.log file was not present on the system,
the shell in the Network Security Services (NSS) specification handled
test failures incorrectly as false positive test results.
Consequently, certain utilities, such as 'grep', could not handle
failures properly. This update improves error detection in the
specification file, and 'grep' and other utilities now handle missing
files or crashes as intended. (BZ#1035281)

* Prior to this update, a subordinate Certificate Authority (CA) of
the ANSSI agency incorrectly issued an intermediate certificate
installed on a network monitoring device. As a consequence, the
monitoring device was enabled to act as an MITM (Man in the Middle)
proxy performing traffic management of domain names or IP addresses
that the certificate holder did not own or control. The trust in the
intermediate certificate to issue the certificate for an MITM device
has been revoked, and such a device can no longer be used for MITM
attacks. (BZ#1042684)

* Due to a regression, MD5 certificates were rejected by default
because Network Security Services (NSS) did not trust MD5
certificates. With this update, MD5 certificates are supported in Red
Hat Enterprise Linux 5. (BZ#11015864)

Users of nss and nspr are advised to upgrade to these updated
packages, which correct these issues and add these enhancements.

#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2014:1246. The text
# itself is copyright (C) Red Hat, Inc.
#
include("compat.inc");

if (description)
{
  script_id(77699);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/24");

  script_cve_id("CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1545");
  script_xref(name:"RHSA", value:"2014:1246");

  script_name(english:"RHEL 5 : nss and nspr (RHSA-2014:1246)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Updated nss and nspr packages that fix multiple security issues,
several bugs, and add various enhancements are now available for Red
Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Network Security Services (NSS) is a set of libraries designed to
support the cross-platform development of security-enabled client and
server applications.

A flaw was found in the way TLS False Start was implemented in NSS. An
attacker could use this flaw to potentially return unencrypted
information from the server. (CVE-2013-1740)

A race condition was found in the way NSS implemented session ticket
handling as specified by RFC 5077. An attacker could use this flaw to
crash an application using NSS or, in rare cases, execute arbitrary
code with the privileges of the user running that application.
(CVE-2014-1490)

It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)
parameters. This could possibly lead to weak encryption being used in
communication between the client and the server. (CVE-2014-1491)

An out-of-bounds write flaw was found in NSPR. A remote attacker could
potentially use this flaw to crash an application using NSPR or,
possibly, execute arbitrary code with the privileges of the user
running that application. This NSPR flaw was not exposed to web
content in any shipped version of Firefox. (CVE-2014-1545)

It was found that the implementation of Internationalizing Domain
Names in Applications (IDNA) hostname matching in NSS did not follow
the RFC 6125 recommendations. This could lead to certain invalid
certificates with international characters to be accepted as valid.
(CVE-2014-1492)

Red Hat would like to thank the Mozilla project for reporting the
CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream
acknowledges Brian Smith as the original reporter of CVE-2014-1490,
Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original
reporters of CVE-2014-1491, and Abhishek Arya as the original reporter
of CVE-2014-1545.

The nss and nspr packages have been upgraded to upstream version
3.16.1 and 4.10.6 respectively, which provide a number of bug fixes
and enhancements over the previous versions. (BZ#1110857, BZ#1110860)

This update also fixes the following bugs :

* Previously, when the output.log file was not present on the system,
the shell in the Network Security Services (NSS) specification handled
test failures incorrectly as false positive test results.
Consequently, certain utilities, such as 'grep', could not handle
failures properly. This update improves error detection in the
specification file, and 'grep' and other utilities now handle missing
files or crashes as intended. (BZ#1035281)

* Prior to this update, a subordinate Certificate Authority (CA) of
the ANSSI agency incorrectly issued an intermediate certificate
installed on a network monitoring device. As a consequence, the
monitoring device was enabled to act as an MITM (Man in the Middle)
proxy performing traffic management of domain names or IP addresses
that the certificate holder did not own or control. The trust in the
intermediate certificate to issue the certificate for an MITM device
has been revoked, and such a device can no longer be used for MITM
attacks. (BZ#1042684)

* Due to a regression, MD5 certificates were rejected by default
because Network Security Services (NSS) did not trust MD5
certificates. With this update, MD5 certificates are supported in Red
Hat Enterprise Linux 5. (BZ#11015864)

Users of nss and nspr are advised to upgrade to these updated
packages, which correct these issues and add these enhancements."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2013-1740"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-1490"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-1491"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-1492"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-1545"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2014:1246"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-tools");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/09/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/16");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Bail out unless local checks are enabled and the host identifies as Red Hat.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");

# Extract the major[.minor] release number; this plugin applies to 5.x only.
os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);

# The package comparison below needs the collected RPM list.
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only x86_64, i386-i686 and s390 architectures are handled.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

# Use yum updateinfo data when the scan collected it; otherwise fall back
# to checking each package against the build named in the advisory.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
  rhsa = "RHSA-2014:1246";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  # flag counts the rpm_check calls that returned true.
  flag = 0;
  if (rpm_check(release:"RHEL5", reference:"nss-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", reference:"nss-debuginfo-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", reference:"nss-devel-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", reference:"nss-pkcs11-devel-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"nss-tools-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"nss-tools-3.16.1-2.el5")) flag++;
  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"nss-tools-3.16.1-2.el5")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    # Nothing flagged: report either "not affected" or "not installed".
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-tools");
  }
}
With this update, MD5\n certificates are supported in Scientific Linux 5.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1409&L=scientific-linux-errata&T=0&P=2118\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?008faad0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"nss-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-debuginfo-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-pkcs11-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nss-tools-3.16.1-2.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / 
nss-tools\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-25T08:56:11", "description": "From Red Hat Security Advisory 2014:1246 :\n\nUpdated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. 
This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490,\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan as the original\nreporters of CVE-2014-1491, and Abhishek Arya as the original reporter\nof CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version\n3.16.1 and 4.10.6 respectively, which provide a number of bug fixes\nand enhancements over the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs :\n\n* Previously, when the output.log file was not present on the system,\nthe shell in the Network Security Services (NSS) specification handled\ntest failures incorrectly as false positive test results.\nConsequently, certain utilities, such as 'grep', could not handle\nfailures properly. This update improves error detection in the\nspecification file, and 'grep' and other utilities now handle missing\nfiles or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of\nthe ANSSI agency incorrectly issued an intermediate certificate\ninstalled on a network monitoring device. As a consequence, the\nmonitoring device was enabled to act as an MITM (Man in the Middle)\nproxy performing traffic management of domain names or IP addresses\nthat the certificate holder did not own or control. The trust in the\nintermediate certificate to issue the certificate for an MITM device\nhas been revoked, and such a device can no longer be used for MITM\nattacks. (BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default\nbecause Network Security Services (NSS) did not trust MD5\ncertificates. With this update, MD5 certificates are supported in Red\nHat Enterprise Linux 5. 
(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements.", "edition": 21, "published": "2014-09-18T00:00:00", "title": "Oracle Linux 5 : nspr / nss (ELSA-2014-1246)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "modified": "2014-09-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:nss-pkcs11-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-tools"], "id": "ORACLELINUX_ELSA-2014-1246.NASL", "href": "https://www.tenable.com/plugins/nessus/77739", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1246 and \n# Oracle Linux Security Advisory ELSA-2014-1246 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77739);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975);\n script_xref(name:\"RHSA\", value:\"2014:1246\");\n\n script_name(english:\"Oracle Linux 5 : nspr / nss (ELSA-2014-1246)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1246 :\n\nUpdated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update 
as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. 
Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490,\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan as the original\nreporters of CVE-2014-1491, and Abhishek Arya as the original reporter\nof CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version\n3.16.1 and 4.10.6 respectively, which provide a number of bug fixes\nand enhancements over the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs :\n\n* Previously, when the output.log file was not present on the system,\nthe shell in the Network Security Services (NSS) specification handled\ntest failures incorrectly as false positive test results.\nConsequently, certain utilities, such as 'grep', could not handle\nfailures properly. This update improves error detection in the\nspecification file, and 'grep' and other utilities now handle missing\nfiles or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of\nthe ANSSI agency incorrectly issued an intermediate certificate\ninstalled on a network monitoring device. As a consequence, the\nmonitoring device was enabled to act as an MITM (Man in the Middle)\nproxy performing traffic management of domain names or IP addresses\nthat the certificate holder did not own or control. The trust in the\nintermediate certificate to issue the certificate for an MITM device\nhas been revoked, and such a device can no longer be used for MITM\nattacks. (BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default\nbecause Network Security Services (NSS) did not trust MD5\ncertificates. With this update, MD5 certificates are supported in Red\nHat Enterprise Linux 5. 
(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004456.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr and / or nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"nss-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-pkcs11-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nss-tools-3.16.1-2.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / 
nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:29:45", "description": "Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. 
This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490,\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan as the original\nreporters of CVE-2014-1491, and Abhishek Arya as the original reporter\nof CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version\n3.16.1 and 4.10.6 respectively, which provide a number of bug fixes\nand enhancements over the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs :\n\n* Previously, when the output.log file was not present on the system,\nthe shell in the Network Security Services (NSS) specification handled\ntest failures incorrectly as false positive test results.\nConsequently, certain utilities, such as 'grep', could not handle\nfailures properly. This update improves error detection in the\nspecification file, and 'grep' and other utilities now handle missing\nfiles or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of\nthe ANSSI agency incorrectly issued an intermediate certificate\ninstalled on a network monitoring device. As a consequence, the\nmonitoring device was enabled to act as an MITM (Man in the Middle)\nproxy performing traffic management of domain names or IP addresses\nthat the certificate holder did not own or control. The trust in the\nintermediate certificate to issue the certificate for an MITM device\nhas been revoked, and such a device can no longer be used for MITM\nattacks. (BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default\nbecause Network Security Services (NSS) did not trust MD5\ncertificates. With this update, MD5 certificates are supported in Red\nHat Enterprise Linux 5. 
(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements.", "edition": 25, "published": "2014-10-01T00:00:00", "title": "CentOS 5 : nss (CESA-2014:1246)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "modified": "2014-10-01T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nss-devel", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-tools", "p-cpe:/a:centos:centos:nss", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2014-1246.NASL", "href": "https://www.tenable.com/plugins/nessus/77993", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1246 and \n# CentOS Errata and Security Advisory 2014:1246 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77993);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975);\n script_xref(name:\"RHSA\", value:\"2014:1246\");\n\n script_name(english:\"CentOS 5 : nss (CESA-2014:1246)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. 
Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications.\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. 
Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490,\nAntoine Delignat-Lavaud and Karthikeyan Bhargavan as the original\nreporters of CVE-2014-1491, and Abhishek Arya as the original reporter\nof CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version\n3.16.1 and 4.10.6 respectively, which provide a number of bug fixes\nand enhancements over the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs :\n\n* Previously, when the output.log file was not present on the system,\nthe shell in the Network Security Services (NSS) specification handled\ntest failures incorrectly as false positive test results.\nConsequently, certain utilities, such as 'grep', could not handle\nfailures properly. This update improves error detection in the\nspecification file, and 'grep' and other utilities now handle missing\nfiles or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of\nthe ANSSI agency incorrectly issued an intermediate certificate\ninstalled on a network monitoring device. As a consequence, the\nmonitoring device was enabled to act as an MITM (Man in the Middle)\nproxy performing traffic management of domain names or IP addresses\nthat the certificate holder did not own or control. The trust in the\nintermediate certificate to issue the certificate for an MITM device\nhas been revoked, and such a device can no longer be used for MITM\nattacks. (BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default\nbecause Network Security Services (NSS) did not trust MD5\ncertificates. With this update, MD5 certificates are supported in Red\nHat Enterprise Linux 5. 
(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-September/020634.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?364ebec7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1545\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-pkcs11-devel-3.16.1-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"nss-tools-3.16.1-2.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-devel / nss-pkcs11-devel / nss-tools\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:58:10", "description": "CVE-2013-1740 The ssl_Do1stHandshake function in sslsecur.c in libssl\nin Mozilla 
Network Security Services (NSS) before 3.15.4, when the TLS\nFalse Start feature is enabled, allows man-in-the-middle attackers to\nspoof SSL servers by using an arbitrary X.509 certificate during\ncertain handshake traffic.\n\nCVE-2014-1490 Race condition in libssl in Mozilla Network Security\nServices (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,\nFirefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey\nbefore 2.24, and other products, allows remote attackers to cause a\ndenial of service (use-after-free) or possibly have unspecified other\nimpact via vectors involving a resumption handshake that triggers\nincorrect replacement of a session ticket.\n\nCVE-2014-1491 Mozilla Network Security Services (NSS) before 3.15.4,\nas used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,\nThunderbird before 24.3, SeaMonkey before 2.24, and other products,\ndoes not properly restrict public values in Diffie-Hellman key\nexchanges, which makes it easier for remote attackers to bypass\ncryptographic protection mechanisms in ticket handling by leveraging\nuse of a certain value.\n\nCVE-2014-1492 The cert_TestHostName function in lib/certdb/certdb.c in\nthe certificate-checking implementation in Mozilla Network Security\nServices (NSS) before 3.16 accepts a wildcard character that is\nembedded in an internationalized domain name's U-label, which might\nallow man-in-the-middle attackers to spoof SSL servers via a crafted\ncertificate.\n\nCVE-2014-1544 Use-after-free vulnerability in the\nCERT_DestroyCertificate function in libnss3.so in Mozilla Network\nSecurity Services (NSS) 3.x, as used in Firefox before 31.0, Firefox\nESR 24.x before 24.7, and Thunderbird before 24.7, allows remote\nattackers to execute arbitrary code via vectors that trigger certain\nimproper removal of an NSSCertificate structure from a trust domain.\n\nCVE-2014-1545 Mozilla Netscape Portable Runtime (NSPR) before 4.10.6\nallows remote attackers to execute arbitrary code 
or cause a denial of\nservice (out-of-bounds write) via vectors involving the sprintf and\nconsole functions.", "edition": 28, "published": "2016-05-18T00:00:00", "title": "F5 Networks BIG-IP : Multiple Mozilla NSS vulnerabilities (K16716)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/a:f5:big-ip_access_policy_manager"], "id": "F5_BIGIP_SOL16716.NASL", "href": "https://www.tenable.com/plugins/nessus/91202", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K16716.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91202);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975, 68816);\n\n script_name(english:\"F5 Networks BIG-IP : Multiple Mozilla NSS vulnerabilities (K16716)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n 
 attribute:\"description\", \n value:\n\"CVE-2013-1740 The ssl_Do1stHandshake function in sslsecur.c in libssl\nin Mozilla Network Security Services (NSS) before 3.15.4, when the TLS\nFalse Start feature is enabled, allows man-in-the-middle attackers to\nspoof SSL servers by using an arbitrary X.509 certificate during\ncertain handshake traffic.\n\nCVE-2014-1490 Race condition in libssl in Mozilla Network Security\nServices (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,\nFirefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey\nbefore 2.24, and other products, allows remote attackers to cause a\ndenial of service (use-after-free) or possibly have unspecified other\nimpact via vectors involving a resumption handshake that triggers\nincorrect replacement of a session ticket.\n\nCVE-2014-1491 Mozilla Network Security Services (NSS) before 3.15.4,\nas used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,\nThunderbird before 24.3, SeaMonkey before 2.24, and other products,\ndoes not properly restrict public values in Diffie-Hellman key\nexchanges, which makes it easier for remote attackers to bypass\ncryptographic protection mechanisms in ticket handling by leveraging\nuse of a certain value.\n\nCVE-2014-1492 The cert_TestHostName function in lib/certdb/certdb.c in\nthe certificate-checking implementation in Mozilla Network Security\nServices (NSS) before 3.16 accepts a wildcard character that is\nembedded in an internationalized domain name's U-label, which might\nallow man-in-the-middle attackers to spoof SSL servers via a crafted\ncertificate.\n\nCVE-2014-1544 Use-after-free vulnerability in the\nCERT_DestroyCertificate function in libnss3.so in Mozilla Network\nSecurity Services (NSS) 3.x, as used in Firefox before 31.0, Firefox\nESR 24.x before 24.7, and Thunderbird before 24.7, allows remote\nattackers to execute arbitrary code via vectors that trigger certain\nimproper removal of an NSSCertificate structure from a trust 
domain.\n\nCVE-2014-1545 Mozilla Netscape Portable Runtime (NSPR) before 4.10.6\nallows remote attackers to execute arbitrary code or cause a denial of\nservice (out-of-bounds write) via vectors involving the sprintf and\nconsole functions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K16716\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K16716.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! 
get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K16716\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\",\"11.6.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else 
security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-25T09:15:21", "description": "Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. 
This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. These updated packages provide a number of bug fixes and\nenhancements over the previous versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. 
After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.", "edition": 23, "published": "2014-07-23T00:00:00", "title": "RHEL 6 : nss and nspr (RHSA-2014:0917)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2014-07-23T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:nss-util", "cpe:/o:redhat:enterprise_linux:6.5", "p-cpe:/a:redhat:enterprise_linux:nss-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo", "p-cpe:/a:redhat:enterprise_linux:nss-devel", "p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel", "p-cpe:/a:redhat:enterprise_linux:nss-tools", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:nspr", "p-cpe:/a:redhat:enterprise_linux:nss", "p-cpe:/a:redhat:enterprise_linux:nss-sysinit", "p-cpe:/a:redhat:enterprise_linux:nspr-devel", "p-cpe:/a:redhat:enterprise_linux:nss-util-devel"], "id": "REDHAT-RHSA-2014-0917.NASL", "href": "https://www.tenable.com/plugins/nessus/76698", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0917. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76698);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975, 68816);\n script_xref(name:\"RHSA\", value:\"2014:0917\");\n\n script_name(english:\"RHEL 6 : nss and nspr (RHSA-2014:0917)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. 
(CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. These updated packages provide a number of bug fixes and\nenhancements over the previous versions. 
(BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1492\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1491\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0917\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-4.10.6-1.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-debuginfo-4.10.6-1.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nspr-devel-4.10.6-1.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", 
reference:\"nss-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-debuginfo-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-devel-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-pkcs11-devel-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-sysinit-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-sysinit-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-sysinit-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nss-tools-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nss-tools-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nss-tools-3.16.1-4.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-3.16.1-1.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-debuginfo-3.16.1-1.el6_5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"nss-util-devel-3.16.1-1.el6_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-25T09:50:16", "description": "A race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. 
(CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. 
These updated packages provide a number of bug fixes and\nenhancements over the previous versions.\n\nAfter installing this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.", "edition": 14, "published": "2014-07-23T00:00:00", "title": "Scientific Linux Security Update : nss and nspr on SL6.x i386/x86_64 (20140722)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2014-07-23T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-devel", "p-cpe:/a:fermilab:scientific_linux:nss-debuginfo", "p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel", "p-cpe:/a:fermilab:scientific_linux:nss-util-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:nspr", "p-cpe:/a:fermilab:scientific_linux:nss", "p-cpe:/a:fermilab:scientific_linux:nss-tools", "p-cpe:/a:fermilab:scientific_linux:nspr-devel", "p-cpe:/a:fermilab:scientific_linux:nss-sysinit", "p-cpe:/a:fermilab:scientific_linux:nss-util", "p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo"], "id": "SL_20140722_NSS_AND_NSPR_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/76702", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76702);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n\n script_name(english:\"Scientific Linux Security Update : nss and nspr on SL6.x i386/x86_64 (20140722)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n 
value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. 
These updated packages provide a number of bug fixes and\nenhancements over the previous versions.\n\nAfter installing this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1407&L=scientific-linux-errata&T=0&P=1484\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?348ff2de\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"nspr-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nspr-debuginfo-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nspr-devel-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-debuginfo-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-devel-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-pkcs11-devel-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-sysinit-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-tools-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-3.16.1-1.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-debuginfo-3.16.1-1.el6_5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nss-util-devel-3.16.1-1.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-debuginfo / nspr-devel / nss / nss-debuginfo / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-25T08:56:07", "description": "From Red Hat Security Advisory 2014:0917 :\n\nUpdated nss and nspr packages that fix multiple security issues,\nseveral bugs, 
and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. 
(CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. These updated packages provide a number of bug fixes and\nenhancements over the previous versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. 
After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.", "edition": 20, "published": "2014-07-23T00:00:00", "title": "Oracle Linux 6 : nspr / nss (ELSA-2014-0917)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2014-07-23T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:nss-pkcs11-devel", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:nss-util-devel", "p-cpe:/a:oracle:linux:nss-devel", "p-cpe:/a:oracle:linux:nspr", "p-cpe:/a:oracle:linux:nss", "p-cpe:/a:oracle:linux:nss-util", "p-cpe:/a:oracle:linux:nss-tools", "p-cpe:/a:oracle:linux:nss-sysinit"], "id": "ORACLELINUX_ELSA-2014-0917.NASL", "href": "https://www.tenable.com/plugins/nessus/76694", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0917 and \n# Oracle Linux Security Advisory ELSA-2014-0917 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76694);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975, 68816);\n script_xref(name:\"RHSA\", value:\"2014:0917\");\n\n script_name(english:\"Oracle Linux 6 : nspr / nss (ELSA-2014-0917)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0917 :\n\nUpdated nss and nspr 
packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. 
(CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. These updated packages provide a number of bug fixes and\nenhancements over the previous versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. 
After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004239.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr and / or nss packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"nspr-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nspr-devel-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-3.16.1-4.0.1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-devel-3.16.1-4.0.1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-pkcs11-devel-3.16.1-4.0.1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-sysinit-3.16.1-4.0.1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-tools-3.16.1-4.0.1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-util-3.16.1-1.el6_5\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nss-util-devel-3.16.1-1.el6_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:29:38", "description": "Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. 
This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. These updated packages provide a number of bug fixes and\nenhancements over the previous versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.", "edition": 24, "published": "2014-07-23T00:00:00", "title": "CentOS 6 : nspr / nss / nss-util (CESA-2014:0917)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2014-07-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:nss-devel", "p-cpe:/a:centos:centos:nss-util-devel", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:nss-util", "p-cpe:/a:centos:centos:nss-pkcs11-devel", "p-cpe:/a:centos:centos:nss-tools", "p-cpe:/a:centos:centos:nspr-devel", "p-cpe:/a:centos:centos:nspr", "p-cpe:/a:centos:centos:nss", "p-cpe:/a:centos:centos:nss-sysinit"], "id": "CENTOS_RHSA-2014-0917.NASL", "href": "https://www.tenable.com/plugins/nessus/76686", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this 
plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0917 and \n# CentOS Errata and Security Advisory 2014:0917 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76686);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_bugtraq_id(64944, 65332, 65335, 66356, 67975, 68816);\n script_xref(name:\"RHSA\", value:\"2014:0917\");\n\n script_name(english:\"CentOS 6 : nspr / nss / nss-util (CESA-2014:0917)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated nss and nspr packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red\nHat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nCritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nNetwork Security Services (NSS) is a set of libraries designed to\nsupport the cross-platform development of security-enabled client and\nserver applications. Netscape Portable Runtime (NSPR) provides\nplatform independence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain\ncertificates. A remote attacker could use this flaw to crash an\napplication using NSS or, possibly, execute arbitrary code with the\nprivileges of the user running that application. 
(CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS. An\nattacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to\ncrash an application using NSS or, in rare cases, execute arbitrary\ncode with the privileges of the user running that application.\n(CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or,\npossibly, execute arbitrary code with the privileges of the user\nrunning that application. This NSPR flaw was not exposed to web\ncontent in any shipped version of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain\nNames in Applications (IDNA) hostname matching in NSS did not follow\nthe RFC 6125 recommendations. This could lead to certain invalid\ncertificates with international characters to be accepted as valid.\n(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original\nreporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan\nBhargavan as the original reporters of CVE-2014-1491, and Abhishek\nArya as the original reporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version\n3.16.1, and the nspr package has been upgraded to upstream version\n4.10.6. 
These updated packages provide a number of bug fixes and\nenhancements over the previous versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated\npackages, which correct these issues and add these enhancements. After\ninstalling this update, applications using NSS or NSPR must be\nrestarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020434.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?161fdcc2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020436.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9b9dd993\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020437.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?33cc54de\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nspr, nss and / or nss-util packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-1544\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"nspr-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nspr-devel-4.10.6-1.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-devel-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-pkcs11-devel-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-sysinit-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-tools-3.16.1-4.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-util-3.16.1-1.el6_5\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nss-util-devel-3.16.1-1.el6_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nspr / nspr-devel / nss / nss-devel / nss-pkcs11-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-25T09:15:23", "description": "An updated rhev-hypervisor6 package that fixes one security issue is\nnow available.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. 
A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: a subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1491 issue. Upstream acknowledges Antoine Delignat-Lavaud and\nKarthikeyan Bhargavan as the original reporters of CVE-2014-1491.\n\nThis update includes changes to the rhev-hypervisor component :\n\n* The most recent build of rhev-hypervisor is included in version\n3.4.1. (BZ#1118298)\n\nThis updated package also provides updated components that include\nfixes for various security issues. These issues have no security\nimpact on Red Hat Enterprise Virtualization Hypervisor itself,\nhowever. 
The security fixes included in this update address the\nfollowing CVE numbers :\n\nCVE-2014-4699 and CVE-2014-4943 (kernel issues)\n\nCVE-2014-4607 (lzo issue)\n\nCVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and\nCVE-2014-1544 (nss and nspr issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised\nto upgrade to this updated package.", "edition": 23, "published": "2014-11-08T00:00:00", "title": "RHEL 6 : rhev-hypervisor6 (RHSA-2014:0979)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4699", "CVE-2014-4943", "CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-4607", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "modified": "2014-11-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-0979.NASL", "href": "https://www.tenable.com/plugins/nessus/79038", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0979. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79038);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/24\");\n\n script_cve_id(\"CVE-2014-1491\");\n script_bugtraq_id(65332);\n script_xref(name:\"RHSA\", value:\"2014:0979\");\n\n script_name(english:\"RHEL 6 : rhev-hypervisor6 (RHSA-2014:0979)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated rhev-hypervisor6 package that fixes one security issue is\nnow available.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: a subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1491 issue. 
Upstream acknowledges Antoine Delignat-Lavaud and\nKarthikeyan Bhargavan as the original reporters of CVE-2014-1491.\n\nThis update includes changes to the rhev-hypervisor component :\n\n* The most recent build of rhev-hypervisor is included in version\n3.4.1. (BZ#1118298)\n\nThis updated package also provides updated components that include\nfixes for various security issues. These issues have no security\nimpact on Red Hat Enterprise Virtualization Hypervisor itself,\nhowever. The security fixes included in this update address the\nfollowing CVE numbers :\n\nCVE-2014-4699 and CVE-2014-4943 (kernel issues)\n\nCVE-2014-4607 (lzo issue)\n\nCVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and\nCVE-2014-1544 (nss and nspr issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised\nto upgrade to this updated package.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-1491\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected rhev-hypervisor6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0979\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-6.5-20140725.0.el6ev\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhev-hypervisor6\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T04:34:53", "description": "The Oracle OpenSSO agent installed on the remote host is missing a\nvendor-supplied update. 
It is, therefore, affected by multiple\nvulnerabilities in the bundled Mozilla Network Security Services, the\nmost serious of which can allow remote code execution.", "edition": 24, "published": "2014-10-31T00:00:00", "title": "Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-5605", "CVE-2013-1740", "CVE-2013-1739", "CVE-2014-1492", "CVE-2013-5606", "CVE-2014-1490", "CVE-2014-1491"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:oracle:opensso", "cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_OPENSSO_AGENT_CPU_OCT_2014.NASL", "href": "https://www.tenable.com/plugins/nessus/78774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78774);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/15 20:50:18\");\n\n script_cve_id(\n \"CVE-2013-1739\",\n \"CVE-2013-1740\",\n \"CVE-2013-5605\",\n \"CVE-2013-5606\",\n \"CVE-2014-1490\",\n \"CVE-2014-1491\",\n \"CVE-2014-1492\"\n );\n script_bugtraq_id(\n 62966,\n 63737,\n 63738,\n 64944,\n 65332,\n 65335,\n 66356\n );\n\n script_name(english:\"Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)\");\n script_summary(english:\"Checks the version and patch number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Oracle OpenSSO agent installed on the remote host is missing a\nvendor-supplied update. 
It is, therefore, affected by multiple\nvulnerabilities in the bundled Mozilla Network Security Services, the\nmost serious of which can allow remote code execution.\");\n # https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1ada40cc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2014 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:opensso\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_opensso_agent_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle OpenSSO Agent\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = \"Oracle OpenSSO Agent\";\n\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\nver = install['version'];\npath = install['path'];\n\nfix = '3.0-05';\n\n# OpenSSO 
Agent versions are in the format of 'major.minor-patch'\n# Only version 3.0-04 is specified in the advisory as vulnerable\nif (ver == \"3.0-04\")\n{\n port = get_kb_item(\"SMB/transport\");\n if (isnull(port)) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:28:32", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1246\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. 
(CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine\nDelignat-Lavaud and Karthikeyan Bhargavan as the original reporters of\nCVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version 3.16.1 and\n4.10.6 respectively, which provide a number of bug fixes and enhancements\nover the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs:\n\n* Previously, when the output.log file was not present on the system, the\nshell in the Network Security Services (NSS) specification handled test\nfailures incorrectly as false positive test results. Consequently, certain\nutilities, such as \"grep\", could not handle failures properly. This update\nimproves error detection in the specification file, and \"grep\" and other\nutilities now handle missing files or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of the\nANSSI agency incorrectly issued an intermediate certificate installed on a\nnetwork monitoring device. As a consequence, the monitoring device was\nenabled to act as an MITM (Man in the Middle) proxy performing traffic\nmanagement of domain names or IP addresses that the certificate holder did\nnot own or control. The trust in the intermediate certificate to issue the\ncertificate for an MITM device has been revoked, and such a device can no\nlonger be used for MITM attacks. 
(BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default because\nNetwork Security Services (NSS) did not trust MD5 certificates. With this\nupdate, MD5 certificates are supported in Red Hat Enterprise Linux 5.\n(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-September/032672.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1246.html", "edition": 3, "modified": "2014-09-30T11:21:57", "published": "2014-09-30T11:21:57", "href": "http://lists.centos.org/pipermail/centos-announce/2014-September/032672.html", "id": "CESA-2014:1246", "title": "nss security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:26:19", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "**CentOS Errata and Security Advisory** CESA-2014:0917\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. 
(CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. 
(BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. After installing\nthis update, applications using NSS or NSPR must be restarted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032472.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032474.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-July/032475.html\n\n**Affected packages:**\nnspr\nnspr-devel\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0917.html", "edition": 3, "modified": "2014-07-23T02:58:54", "published": "2014-07-23T02:49:51", "href": "http://lists.centos.org/pipermail/centos-announce/2014-July/032472.html", "id": "CESA-2014:0917", "title": "nspr, nss security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:08", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1492"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1073\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv3, TLS, and other\nsecurity standards.\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nIn addition, the nss, nss-util, and nss-softokn packages have been upgraded\nto upstream version 3.16.2, which provides a number of bug fixes and\nenhancements over the previous versions. 
(BZ#1124659)\n\nUsers of NSS are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. After installing this\nupdate, applications using NSS must be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032535.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032536.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032537.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-softokn\nnss-softokn-devel\nnss-softokn-freebl\nnss-softokn-freebl-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1073.html", "edition": 3, "modified": "2014-08-18T21:48:29", "published": "2014-08-18T21:47:41", "href": "http://lists.centos.org/pipermail/centos-announce/2014-August/032535.html", "id": "CESA-2014:1073", "title": "nss security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:35:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "description": "Oracle Linux Local Security Checks ELSA-2014-1246", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123309", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1246", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1246.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can 
redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123309\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:05 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1246\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1246 - nss and nspr security, bug fix, and enhancement update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1246\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1246.html\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.16.1~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:11", "bulletinFamily": "scanner", "cvelist": 
["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-09-17T00:00:00", "id": "OPENVAS:1361412562310871244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871244", "type": "openvas", "title": "RedHat Update for nss and nspr RHSA-2014:1246-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss and nspr RHSA-2014:1246-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871244\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-17 05:57:45 +0200 (Wed, 17 Sep 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for nss and nspr RHSA-2014:1246-01\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. 
A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine\nDelignat-Lavaud and Karthikeyan Bhargavan as the original reporters of\nCVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version 3.16.1 and\n4.10.6 respectively, which provide a number of bug fixes and enhancements\nover the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs:\n\n * Previously, when the output.log file was not present on the system, the\nshell in the Network Security Services (NSS) specification handled test\nfailures incorrectly as false positive test results. Consequently, certain\nutilities, such as 'grep', could not handle failures properly. This update\nimproves error detection in the specification file, and 'grep' and other\nutilities now handle missing files or crashes as intended. (BZ#1035281)\n\n * Prior to this update, a subordinate Certificate Authority (CA) of the\nANSSI agency incorrectly issued an intermediate c ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"nss and nspr on Red Hat Enterprise Linux (v. 
5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"RHSA\", value:\"2014:1246-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-September/msg00033.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss and nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.16.1~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.16.1~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~2.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "scanner", "cvelist": 
["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310882049", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882049", "type": "openvas", "title": "CentOS Update for nss CESA-2014:1246 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2014:1246 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882049\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:35 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for nss CESA-2014:1246 centos5\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. 
A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine\nDelignat-Lavaud and Karthikeyan Bhargavan as the original reporters of\nCVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version 3.16.1 and\n4.10.6 respectively, which provide a number of bug fixes and enhancements\nover the previous versions. (BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs:\n\n * Previously, when the output.log file was not present on the system, the\nshell in the Network Security Services (NSS) specification handled test\nfailures incorrectly as false positive test results. Consequently, certain\nutilities, such as 'grep', could not handle failures properly. This update\nimproves error detection in the specification file, and 'grep' and other\nutilities now handle missing files or crashes as intended. 
(BZ#1035281)\n\n * Prior to this update, a subordinate Certificate Authority (CA) of the\nANSSI agency incorrectly issued an intermediate certificate installed on a\nnetwork monit ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1246\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020634.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.16.1~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", 
"cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310881970", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881970", "type": "openvas", "title": "CentOS Update for nspr CESA-2014:0917 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nspr CESA-2014:0917 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881970\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:32:21 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\",\n \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for nspr CESA-2014:0917 centos6\");\n\n script_tag(name:\"affected\", value:\"nspr on CentOS 6\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed\nto support the cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. 
An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. 
After installing\nthis update, applications using NSS or NSPR must be restarted for this\nupdate to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0917\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020434.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.6~1.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.6~1.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310881975", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881975", "type": "openvas", "title": "CentOS Update 
for nss CESA-2014:0917 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2014:0917 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881975\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:35:26 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\",\n \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for nss CESA-2014:0917 centos6\");\n\n script_tag(name:\"affected\", value:\"nss on CentOS 6\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed\nto support the cross-platform development of security-enabled client and server\napplications. 
Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. 
(CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. After installing\nthis update, applications using NSS or NSPR must be restarted for this\nupdate to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0917\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020437.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n 
if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~4.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~4.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.16.1~4.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.16.1~4.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~4.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310871209", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871209", "type": "openvas", "title": "RedHat Update for nss and nspr RHSA-2014:0917-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss and nspr RHSA-2014:0917-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT 
ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871209\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:43:49 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\",\n \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for nss and nspr RHSA-2014:0917-01\");\n\n\n script_tag(name:\"affected\", value:\"nss and nspr on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. 
(CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. 
These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. (BZ#1112136, BZ#11121 ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0917-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00043.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss and nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.6~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-debuginfo\", rpm:\"nspr-debuginfo~4.10.6~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.6~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~4.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.16.1~4.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if 
((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~4.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.16.1~4.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~4.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.16.1~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.16.1~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.16.1~1.el6_5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "Oracle Linux Local Security Checks ELSA-2014-0917", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123369", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0917", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0917.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it 
under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123369\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:52 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0917\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0917 - nss and nspr security, bug fix, and enhancement update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0917\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0917.html\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\", \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.10.6~1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.10.6~1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.16.1~4.0.1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.16.1~4.0.1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.16.1~4.0.1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = 
isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.16.1~4.0.1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.16.1~4.0.1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.16.1~1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.16.1~1.el6_5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-07-28T00:00:00", "id": "OPENVAS:1361412562310881967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881967", "type": "openvas", "title": "CentOS Update for nss-util CESA-2014:0917 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss-util CESA-2014:0917 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881967\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:30:14 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2013-1740\", \"CVE-2014-1490\", \"CVE-2014-1491\", \"CVE-2014-1492\",\n \"CVE-2014-1544\", \"CVE-2014-1545\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for nss-util CESA-2014:0917 centos6\");\n\n script_tag(name:\"affected\", value:\"nss-util on CentOS 6\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed\nto support the cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. 
An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. 
After installing\nthis update, applications using NSS or NSPR must be restarted for this\nupdate to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0917\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020436.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.16.1~1.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.16.1~1.el6_5\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-08-01T10:48:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1741", "CVE-2014-1492", "CVE-2013-5606", "CVE-2014-1491"], "description": "Several vulnerabilities have been discovered in nss, the Mozilla Network\nSecurity Service library:\n\nCVE-2013-1741 \nRunaway memset in certificate parsing on 64-bit computers leading to\na crash by attempting to write 4Gb of nulls.\n\nCVE-2013-5606 \nCertificate validation with the 
verifylog mode did not return\nvalidation errors, but instead expected applications to determine\nthe status by looking at the log.\n\nCVE-2014-1491 \nTicket handling protection mechanisms bypass due to the lack of\nrestriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492 \nIncorrect IDNA domain name matching for wildcard certificates could\nallow specially-crafted invalid certificates to be considered as\nvalid.", "modified": "2017-07-17T00:00:00", "published": "2014-07-31T00:00:00", "id": "OPENVAS:702994", "href": "http://plugins.openvas.org/nasl.php?oid=702994", "type": "openvas", "title": "Debian Security Advisory DSA 2994-1 (nss - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2994.nasl 6735 2017-07-17 09:56:49Z teissa $\n# Auto-generated from advisory DSA 2994-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"nss on Debian Linux\";\ntag_insight = \"nss is a set of libraries designed to support cross-platform development\nof security-enabled client and server applications.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.14.5-1+deb7u1.\n\nFor the testing distribution (jessie), and the unstable distribution (sid),\nthese problems have been fixed in version 2:3.16-1.\n\nWe recommend that you upgrade your nss packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in nss, the Mozilla Network\nSecurity Service library:\n\nCVE-2013-1741 \nRunaway memset in certificate parsing on 64-bit computers leading to\na crash by attempting to write 4Gb of nulls.\n\nCVE-2013-5606 \nCertificate validation with the verifylog mode did not return\nvalidation errors, but instead expected applications to determine\nthe status by looking at the log.\n\nCVE-2014-1491 \nTicket handling protection mechanisms bypass due to the lack of\nrestriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492 \nIncorrect IDNA domain name matching for wildcard certificates could\nallow specially-crafted invalid certificates to be considered as\nvalid.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702994);\n script_version(\"$Revision: 6735 $\");\n script_cve_id(\"CVE-2013-1741\", \"CVE-2013-5606\", \"CVE-2014-1491\", \"CVE-2014-1492\");\n script_name(\"Debian Security Advisory DSA 2994-1 (nss - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-17 11:56:49 +0200 (Mon, 17 Jul 2017) $\");\n script_tag(name: 
\"creation_date\", value:\"2014-07-31 00:00:00 +0200 (Thu, 31 Jul 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2994.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1741", "CVE-2014-1492", "CVE-2013-5606", "CVE-2014-1491"], "description": "Several vulnerabilities have been discovered in nss, the Mozilla Network\nSecurity 
Service library:\n\nCVE-2013-1741\nRunaway memset in certificate parsing on 64-bit computers leading to\na crash by attempting to write 4Gb of nulls.\n\nCVE-2013-5606\nCertificate validation with the verifylog mode did not return\nvalidation errors, but instead expected applications to determine\nthe status by looking at the log.\n\nCVE-2014-1491\nTicket handling protection mechanisms bypass due to the lack of\nrestriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492\nIncorrect IDNA domain name matching for wildcard certificates could\nallow specially-crafted invalid certificates to be considered as\nvalid.", "modified": "2019-03-19T00:00:00", "published": "2014-07-31T00:00:00", "id": "OPENVAS:1361412562310702994", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702994", "type": "openvas", "title": "Debian Security Advisory DSA 2994-1 (nss - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2994.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2994-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702994\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-1741\", \"CVE-2013-5606\", \"CVE-2014-1491\", \"CVE-2014-1492\");\n script_name(\"Debian Security Advisory DSA 2994-1 (nss - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-31 00:00:00 +0200 (Thu, 31 Jul 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2994.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"nss on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.14.5-1+deb7u1.\n\nFor the testing distribution (jessie), and the unstable distribution (sid),\nthese problems have been fixed in version 2:3.16-1.\n\nWe recommend that you upgrade your nss packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in nss, the Mozilla Network\nSecurity Service library:\n\nCVE-2013-1741\nRunaway memset in certificate parsing on 64-bit computers leading to\na crash by attempting to write 4Gb of 
nulls.\n\nCVE-2013-5606\nCertificate validation with the verifylog mode did not return\nvalidation errors, but instead expected applications to determine\nthe status by looking at the log.\n\nCVE-2014-1491\nTicket handling protection mechanisms bypass due to the lack of\nrestriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492\nIncorrect IDNA domain name matching for wildcard certificates could\nallow specially-crafted invalid certificates to be considered as\nvalid.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libnss3\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-1d\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-dbg\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"2:3.14.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1545"], "description": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way TLS False Start was implemented 
in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream\nacknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine\nDelignat-Lavaud and Karthikeyan Bhargavan as the original reporters of\nCVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545.\n\nThe nss and nspr packages have been upgraded to upstream version 3.16.1 and\n4.10.6 respectively, which provide a number of bug fixes and enhancements\nover the previous versions. 
(BZ#1110857, BZ#1110860)\n\nThis update also fixes the following bugs:\n\n* Previously, when the output.log file was not present on the system, the\nshell in the Network Security Services (NSS) specification handled test\nfailures incorrectly as false positive test results. Consequently, certain\nutilities, such as \"grep\", could not handle failures properly. This update\nimproves error detection in the specification file, and \"grep\" and other\nutilities now handle missing files or crashes as intended. (BZ#1035281)\n\n* Prior to this update, a subordinate Certificate Authority (CA) of the\nANSSI agency incorrectly issued an intermediate certificate installed on a\nnetwork monitoring device. As a consequence, the monitoring device was\nenabled to act as an MITM (Man in the Middle) proxy performing traffic\nmanagement of domain names or IP addresses that the certificate holder did\nnot own or control. The trust in the intermediate certificate to issue the\ncertificate for an MITM device has been revoked, and such a device can no\nlonger be used for MITM attacks. (BZ#1042684)\n\n* Due to a regression, MD5 certificates were rejected by default because\nNetwork Security Services (NSS) did not trust MD5 certificates. 
With this\nupdate, MD5 certificates are supported in Red Hat Enterprise Linux 5.\n(BZ#11015864)\n\nUsers of nss and nspr are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements.\n", "modified": "2017-09-08T12:06:39", "published": "2014-09-16T04:00:00", "id": "RHSA-2014:1246", "href": "https://access.redhat.com/errata/RHSA-2014:1246", "type": "redhat", "title": "(RHSA-2014:1246) Moderate: nss and nspr security, bug fix, and enhancement update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:01", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1544", "CVE-2014-1545"], "description": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nA race condition was found in the way NSS verified certain certificates.\nA remote attacker could use this flaw to crash an application using NSS or,\npossibly, execute arbitrary code with the privileges of the user running\nthat application. (CVE-2014-1544)\n\nA flaw was found in the way TLS False Start was implemented in NSS.\nAn attacker could use this flaw to potentially return unencrypted\ninformation from the server. (CVE-2013-1740)\n\nA race condition was found in the way NSS implemented session ticket\nhandling as specified by RFC 5077. An attacker could use this flaw to crash\nan application using NSS or, in rare cases, execute arbitrary code with the\nprivileges of the user running that application. (CVE-2014-1490)\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. 
(CVE-2014-1491)\n\nAn out-of-bounds write flaw was found in NSPR. A remote attacker could\npotentially use this flaw to crash an application using NSPR or, possibly,\nexecute arbitrary code with the privileges of the user running that\napplication. This NSPR flaw was not exposed to web content in any shipped\nversion of Firefox. (CVE-2014-1545)\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues.\nUpstream acknowledges Tyson Smith and Jesse Schwartzentruber as the\noriginal reporters of CVE-2014-1544, Brian Smith as the original reporter\nof CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the\noriginal reporters of CVE-2014-1491, and Abhishek Arya as the original\nreporter of CVE-2014-1545.\n\nIn addition, the nss package has been upgraded to upstream version 3.16.1,\nand the nspr package has been upgraded to upstream version 4.10.6. These\nupdated packages provide a number of bug fixes and enhancements over the\nprevious versions. (BZ#1112136, BZ#1112135)\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich correct these issues and add these enhancements. 
After installing\nthis update, applications using NSS or NSPR must be restarted for this\nupdate to take effect.\n", "modified": "2018-06-06T20:24:28", "published": "2014-07-22T04:00:00", "id": "RHSA-2014:0917", "href": "https://access.redhat.com/errata/RHSA-2014:0917", "type": "redhat", "title": "(RHSA-2014:0917) Critical: nss and nspr security, bug fix, and enhancement update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:46", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1491", "CVE-2014-1492", "CVE-2014-1544", "CVE-2014-1545", "CVE-2014-4607", "CVE-2014-4699", "CVE-2014-4943"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE)\nparameters. This could possibly lead to weak encryption being used in\ncommunication between the client and the server. (CVE-2014-1491)\n\nRed Hat would like to thank the Mozilla project for reporting the\nCVE-2014-1491 issue. Upstream acknowledges Antoine Delignat-Lavaud and\nKarthikeyan Bhargavan as the original reporters of CVE-2014-1491.\n\nThis update includes changes to the rhev-hypervisor component:\n\n* The most recent build of rhev-hypervisor is included in version 3.4.1.\n(BZ#1118298)\n\nThis updated package also provides updated components that include fixes\nfor various security issues. 
These issues have no security impact on Red\nHat Enterprise Virtualization Hypervisor itself, however. The security\nfixes included in this update address the following CVE numbers:\n\nCVE-2014-4699 and CVE-2014-4943 (kernel issues)\n\nCVE-2014-4607 (lzo issue)\n\nCVE-2013-1740, CVE-2014-1490, CVE-2014-1492, CVE-2014-1545, and\nCVE-2014-1544 (nss and nspr issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.\n", "modified": "2018-06-07T08:59:43", "published": "2014-07-29T04:00:00", "id": "RHSA-2014:0979", "href": "https://access.redhat.com/errata/RHSA-2014:0979", "type": "redhat", "title": "(RHSA-2014:0979) Moderate: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1492"], "description": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv3, TLS, and other\nsecurity standards.\n\nIt was found that the implementation of Internationalizing Domain Names in\nApplications (IDNA) hostname matching in NSS did not follow the RFC 6125\nrecommendations. This could lead to certain invalid certificates with\ninternational characters to be accepted as valid. (CVE-2014-1492)\n\nIn addition, the nss, nss-util, and nss-softokn packages have been upgraded\nto upstream version 3.16.2, which provides a number of bug fixes and\nenhancements over the previous versions. (BZ#1124659)\n\nUsers of NSS are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. 
After installing this\nupdate, applications using NSS must be restarted for this update to\ntake effect.\n", "modified": "2018-04-12T03:32:38", "published": "2014-08-18T04:00:00", "id": "RHSA-2014:1073", "href": "https://access.redhat.com/errata/RHSA-2014:1073", "type": "redhat", "title": "(RHSA-2014:1073) Low: nss, nss-util, nss-softokn security, bug fix, and enhancement update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:25", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1491"], "description": "[3.16.1-2]\r\n- Backport nss-3.12.6 upstream fix required by Firefox 31 ESR\r\n- Resolves: Bug 1110860\r\n \n[3.16.1-1]\r\n- Rebase to nss-3.16.1 for FF31\r\n- Resolves: Bug 1110860 - Rebase nss in RHEL 5.11 to NSS 3.16.1, required for FF 31\r\n ", "edition": 4, "modified": "2014-09-17T00:00:00", "published": "2014-09-17T00:00:00", "id": "ELSA-2014-1246", "href": "http://linux.oracle.com/errata/ELSA-2014-1246.html", "title": "nss and nspr security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:04", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "description": "nspr\n[4.10.6-1]\n- Rebase to nspr-4.10.6\n- Resolves: rhbz#1112135\nnss\n[3.16.1-4.0.1.el6_5]\n- Added nss-vendor.patch to change vendor\n[3.16.1-4]\n- Update some patches on account of the rebase\n- Resolves: Bug 1099619\n[3.16.1-3]\n- Backport nss-3.12.6 upstream fix required by Firefox 31\n- Resolves: Bug 1099619\n[3.16.1-2]\n- Remove two unused patches and apply a needed one that was missed\n- Resolves: Bug 1112136 - Rebase nss in RHEL 6.5.Z to NSS 3.16.1\n[3.16.1-1]\n- Update to nss-3.16.1\n- Resolves: Bug 1112136 - Rebase nss in RHEL 6.5.Z to NSS 
3.16.1\nnss-util\n[3.15.6-1]\n- Update to nss-3.16.1\n- Resolves: rhbz#1112136", "edition": 4, "modified": "2014-07-22T00:00:00", "published": "2014-07-22T00:00:00", "id": "ELSA-2014-0917", "href": "http://linux.oracle.com/errata/ELSA-2014-0917.html", "title": "nss and nspr security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1492"], "description": "nss\n[3.16.2-2.0.1.el7_0]\n- Added nss-vendor.patch to change vendor\n[3.16.2-2]\n- Restore missing options descriptions fix for certutil manpage\n- Document certutil options --dump-ext-val, --extGeneric, and --extSAN\n- Related: Bug 1124659 - Rebase RHEL 7 to at least NSS 3.16.1\n[3.16.2-1]\n- Rebase to nss-3.16.2\n- Resolves: Bug 1124659 - Rebase RHEL 7 to at least NSS 3.16.1 (FF 31)\n- Fix test failure detection in the %check section\n- Move removal of unwanted source directories to the end of the %prep section\n- Update various patches on account of the rebase\n- Remove unused patches rendered obsolete by the rebase\n- Fix libssl and test patches that disable ssl2 support\n- Replace expired PayPal test certificate that breaks the build\nnss-softokn\n[3.16.2-1]\n- Update to nss-3.16.2\n- Resolves: Bug 1124659 - Rebase RHEL 7.1 to at least NSS-SOFTOKN 3.16.1 (FF 31)\nnss-util\n[3.16.2-1]\n- Update to nss-3.16.2\n- Resolves: Bug 1124659 - Rebase RHEL-7.0 to at least NSS 3.16.1 (FF 31)", "edition": 4, "modified": "2014-08-18T00:00:00", "published": "2014-08-18T00:00:00", "id": "ELSA-2014-1073", "href": "http://linux.oracle.com/errata/ELSA-2014-1073.html", "title": "nss, nss-util, nss-softokn security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "f5": [{"lastseen": "2017-06-08T10:18:57", "bulletinFamily": "software", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", 
"CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "edition": 1, "description": "\nF5 Product Development has assigned ID 472696 (BIG-IP), ID 526154 (BIG-IQ), and ID 526159 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H526163 on the **Diagnostics** > **Identified **> **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP AAM| 11.4.0 - 11.6.0| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP AFM| 11.3.0 - 11.6.0| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP Analytics| 11.0.0 - 11.6.0| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP APM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP ASM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| libnss \nBIG-IP GTM| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 11.6.1| Low| libnss \nBIG-IP Link Controller| 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP PEM| 11.3.0 - 11.6.0| 12.0.0 \n11.6.1| Low| libnss \nBIG-IP DNS| None| 12.0.0| Not vulnerable| None \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Low| libnss \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| libnss \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Low| libnss \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Low| libnss \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None 
\nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| libnss \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| libnss \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| libnss \nBIG-IQ ADC| 4.5.0| None| Low| libnss \nLineRate| None| 2.4.0 - 2.6.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.1.0 \n3.3.2 - 3.5.1| Not vulnerable| None\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network and restrict command line access for affected systems to the trusted users. 
For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "modified": "2017-03-14T22:06:00", "published": "2015-06-06T00:16:00", "id": "F5:K16716", "href": "https://support.f5.com/csp/article/K16716", "title": "Multiple Mozilla NSS vulnerabilities", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:09:52", "bulletinFamily": "software", "cvelist": ["CVE-2013-1740", "CVE-2014-1545", "CVE-2014-1492", "CVE-2014-1490", "CVE-2014-1544", "CVE-2014-1491"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should only permit management access to F5 products over a secure network and restrict command line access for affected systems to the trusted users. 
For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-06-21T00:00:00", "published": "2015-06-05T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/700/sol16716.html", "id": "SOL16716", "title": "SOL16716 - Multiple Mozilla NSS vulnerabilities", "type": "f5", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:58:21", "description": "Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.\nPer: http://cwe.mitre.org/data/definitions/787.html\n\n\"CWE-787: Out-of-bounds Write\"", "edition": 5, "cvss3": {}, "published": "2014-06-11T10:57:00", "title": "CVE-2014-1545", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1545"], "modified": "2017-12-28T02:29:00", "id": "CVE-2014-1545", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1545", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}},
{"lastseen": "2020-12-09T19:52:39", "description": "The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.", "edition": 5, "cvss3": {}, "published": "2014-01-18T22:55:00", "title": "CVE-2013-1740", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": 
{"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1740"], "modified": "2018-10-09T19:33:00", "id": "CVE-2013-1740", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}},
{"lastseen": "2020-12-09T19:58:21", "description": "Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.", "edition": 7, "cvss3": {}, "published": "2014-02-06T05:44:00", "title": "CVE-2014-1490", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1490"], "modified": "2020-07-31T20:28:00", "id": "CVE-2014-1490", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1490", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}},
{"lastseen": "2020-12-09T19:58:21", "description": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.", "edition": 7, "cvss3": {}, "published": "2014-02-06T05:44:00", "title": "CVE-2014-1491", "type": "cve", "cwe": ["CWE-326"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1491"], "modified": "2020-07-31T20:33:00", "id": "CVE-2014-1491", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1491", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}},
{"lastseen": "2020-12-09T19:58:21", "description": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.", "edition": 5, "cvss3": {}, "published": "2014-03-25T13:25:00", "title": "CVE-2014-1492", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-1492"], "modified": "2018-10-09T19:42:00", "id": "CVE-2014-1492", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}],
"mozilla": [{"lastseen": "2016-09-05T13:37:39", "bulletinFamily": "software", "cvelist": ["CVE-2014-1490", "CVE-2014-1491"], "edition": 1, "description": "Mozilla developer Brian Smith and security researchers\nAntoine Delignat-Lavaud and Karthikeyan\nBhargavan of the Prosecco research team at INRIA Paris reported issues\nwith ticket handling in the Network Security 
Services (NSS) libraries. These\nhave been addressed in the NSS 3.15.4 release, shipping on affected platforms.", "modified": "2014-02-04T00:00:00", "published": "2014-02-04T00:00:00", "id": "MFSA2014-12", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2014-12/", "type": "mozilla", "title": "NSS ticket handling issues", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-05T13:37:40", "bulletinFamily": "software", "cvelist": ["CVE-2014-1545"], "edition": 1, "description": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team reported an out of bounds write in the \nNetscape \nPortable Runtime (NSPR) leading to a potentially exploitable crash or code\nexecution. This issue is fixed in NSPR version 4.10.6.\n\nThis NSPR flaw was not exposed to web content in any shipped version of Firefox.", "modified": "2014-06-10T00:00:00", "published": "2014-06-10T00:00:00", "id": "MFSA2014-55", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2014-55/", "type": "mozilla", "title": "Out of bounds write in NSPR", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:38", "bulletinFamily": "software", "cvelist": ["CVE-2014-1492"], "edition": 1, "description": "Security researcher Christian Heimes reported that the Network Security\nServices (NSS) library does not handle IDNA domain prefixes according to RFC 6125 for wildcard\ncertificates. This leads to improper wildcard matching of domains when they\nshould not be matched in compliance with the specification. 
This issue was fixed\nin NSS version 3.16.", "modified": "2014-04-29T00:00:00", "published": "2014-04-29T00:00:00", "id": "MFSA2014-45", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2014-45/", "type": "mozilla", "title": "Incorrect IDNA domain name matching for wildcard certificates", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T17:34:23", "description": "BUGTRAQ ID: 65335\r\nCVE(CAN) ID: CVE-2014-1490\r\n\r\nMozilla Network Security Services is a set of libraries that supports cross-platform development of secure client and server applications.\r\n\r\nIn Mozilla Network Security Services versions before 3.15.4, libssl has a race condition that allows remote attackers to use a resumed handshake to trigger an incorrect reset of the session ticket, causing a denial of service.\r\n0\r\nMozilla Network Security Services <= 3.15.4\r\nVendor patch:\r\n\r\nMozilla\r\n-------\r\nMozilla has released a security advisory (mfsa2014-12) and corresponding patches for this issue:\r\nmfsa2014-12: NSS ticket handling issues\r\nLink: http://www.mozilla.org/security/announce/2014/mfsa2014-12.html", "published": "2014-02-12T00:00:00", "type": "seebug", "title": "Mozilla Network Security Services Use-After-Free Memory Corruption Vulnerability (CVE-2014-1490)", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1490"], "modified": "2014-02-12T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61417", "id": "SSV:61417", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:29:09", "description": "Bugtraq ID:66366\r\nCVE 
ID:CVE-2014-1492\r\n\r\nNSS implements SSL v2/v3, TLS, PKCS#5, PKCS#7, PKCS#11, PKCS#12, S/MIME, X.509v3 certificates and other security standards.\r\n\r\nThe Network Security Services "sec_pkcs12_new_asafe()" function (security/nss/lib/pkcs12/p12creat.c) contains an error that allows attackers to exploit the vulnerability to corrupt memory, crashing the application or executing arbitrary code.\n0\nNetwork Security Services (NSS) 3.x\nNetwork Security Services 3.16 has fixed this vulnerability; users are advised to download the update:\r\nhttps://www.mozilla.org/", "published": "2014-03-25T00:00:00", "title": "Mozilla Network Security Services 'p12creat.c' Memory Corruption Vulnerability", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1492"], "modified": "2014-03-25T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61912", "id": "SSV:61912", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": ""}], "debian": [{"lastseen": "2020-08-12T00:53:15", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1741", "CVE-2014-1492", "CVE-2013-5606", "CVE-2014-1491"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2994-1 security@debian.org\nhttp://www.debian.org/security/ Raphael Geissert\nJuly 31, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nss\nCVE ID : CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492\n\nSeveral vulnerabilities have been discovered in nss, the Mozilla Network\nSecurity Service library:\n\nCVE-2013-1741\n\n Runaway memset in certificate parsing on 64-bit computers leading to\n a crash by attempting to write 4Gb of nulls.\n\nCVE-2013-5606\n\n Certificate validation with the verifylog mode did 
not return\n validation errors, but instead expected applications to determine\n the status by looking at the log.\n\nCVE-2014-1491\n\n Ticket handling protection mechanisms bypass due to the lack of\n restriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492\n\n Incorrect IDNA domain name matching for wildcard certificates could\n allow specially-crafted invalid certificates to be considered as\n valid.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2:3.14.5-1+deb7u1.\n\nFor the testing distribution (jessie), and the unstable distribution (sid),\nthese problems have been fixed in version 2:3.16-1.\n\nWe recommend that you upgrade your nss packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2014-07-31T11:51:51", "published": "2014-07-31T11:51:51", "id": "DEBIAN:DSA-2994-1:68FAD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00176.html", "title": "[SECURITY] [DSA 2994-1] nss security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:24:07", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1741", "CVE-2014-1492", "CVE-2013-5606", "CVE-2014-1491"], "description": "Package : nss\nVersion : 3.12.8-1+squeeze8\nCVE ID : CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492\n\nCVE-2013-1741\n\n Runaway memset in certificate parsing on 64-bit computers leading to\n a crash by attempting to write 4Gb of nulls.\n\nCVE-2013-5606\n\n Certificate validation with the verifylog mode did not return\n validation errors, but instead expected applications to determine\n the status by looking at the log.\n\nCVE-2014-1491\n\n Ticket handling protection mechanisms bypass due to the lack 
of\n restriction of public values in Diffie-Hellman key exchanges.\n\nCVE-2014-1492\n\n Incorrect IDNA domain name matching for wildcard certificates could\n allow specially-crafted invalid certificates to be considered as\n valid.\n", "edition": 7, "modified": "2014-07-31T11:27:15", "published": "2014-07-31T11:27:15", "id": "DEBIAN:DLA-23-1:9724D", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201407/msg00011.html", "title": "[DLA 23-1] nss security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:23", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1545"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2962-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJune 17, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nspr\nCVE ID : CVE-2014-1545\n\nAbhiskek Arya discovered an out of bounds write in the cvt_t() function \nof the NetScape Portable Runtime Library which could result in the \nexecution of arbitrary code.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 2:4.9.2-1+deb7u2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:4.10.6-1.\n\nWe recommend that you upgrade your nspr packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2014-06-17T19:31:38", "published": "2014-06-17T19:31:38", "id": "DEBIAN:DSA-2962-1:09D66", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00143.html", "title": "[SECURITY] [DSA 2962-1] nspr security update", "type": 
"debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:24:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1545"], "description": "Package : nspr\nVersion : 4.8.6-1+squeeze2\nCVE ID : CVE-2014-1545\n\nAbhiskek Arya discovered an out of bounds write in the cvt_t() function of \nthe NetScape Portable Runtime Library which could result in the execution \nof arbitrary code.\n\n", "edition": 7, "modified": "2014-08-07T18:31:41", "published": "2014-08-07T18:31:41", "id": "DEBIAN:DLA-32-1:75FF1", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201408/msg00006.html", "title": "[DLA 32-1] nspr security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:50:17", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1481", "CVE-2014-1487", "CVE-2014-1486", "CVE-2014-1477", "CVE-2014-1482", "CVE-2014-1479", "CVE-2013-1740", "CVE-2014-1490", "CVE-2014-1478", "CVE-2014-1491"], "description": "Updates for mozilla-nss (3.15.4) MozillaFirefox (24.3.0esr)\n MozillaThunderbird (24.3.0) including fixes for the\n following issues:\n * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous\n memory safety hazards (rv:27.0 / rv:24.3)\n * MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected\n content with XBL scopes\n * MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use\n of discarded images by RasterImage\n * MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free\n with imgRequestProxy and image proccessing\n * MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin\n information leak through web workers\n * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545,\n bmo#930874, bmo#930857) NSS ticket handling issues\n * MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent\n JavaScript handling of access to Window objects\n\n", "edition": 1, "modified": "2014-02-08T13:04:12", "published": "2014-02-08T13:04:12", "id": 
"OPENSUSE-SU-2014:0213-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html", "title": "Mozilla updates February 2014 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2020-11-10T12:37:00", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1545"], "description": "**Issue Overview:**\n\nMozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.\n\n \n**Affected Packages:** \n\n\nnspr\n\n \n**Issue Correction:** \nRun _yum update nspr_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n nspr-debuginfo-4.10.4-1.22.amzn1.i686 \n nspr-4.10.4-1.22.amzn1.i686 \n nspr-devel-4.10.4-1.22.amzn1.i686 \n \n src: \n nspr-4.10.4-1.22.amzn1.src \n \n x86_64: \n nspr-4.10.4-1.22.amzn1.x86_64 \n nspr-debuginfo-4.10.4-1.22.amzn1.x86_64 \n nspr-devel-4.10.4-1.22.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-07-23T14:07:00", "published": "2014-07-23T14:07:00", "id": "ALAS-2014-384", "href": "https://alas.aws.amazon.com/ALAS-2014-384.html", "title": "Critical: nspr", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:44:19", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1545"], "description": "Abhishek Arya discovered that NSPR incorrectly handled certain console \nfunctions. A remote attacker could use this issue to cause NSPR to crash, \nresulting in a denial of service, or possibly execute arbitrary code. 
The \ndefault compiler options for affected releases should reduce the \nvulnerability to a denial of service.", "edition": 5, "modified": "2014-07-02T00:00:00", "published": "2014-07-02T00:00:00", "id": "USN-2265-1", "href": "https://ubuntu.com/security/notices/USN-2265-1", "title": "NSPR vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:38:04", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740"], "description": "Brian Smith discovered that NSS incorrectly handled the TLS False Start \nfeature. If a remote attacker were able to perform a man-in-the-middle \nattack, this flaw could be exploited to spoof SSL servers.", "edition": 5, "modified": "2014-01-23T00:00:00", "published": "2014-01-23T00:00:00", "id": "USN-2088-1", "href": "https://ubuntu.com/security/notices/USN-2088-1", "title": "NSS vulnerability", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-07-02T11:36:08", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1492"], "description": "It was discovered that NSS incorrectly handled wildcard certificates when \nused with internationalized domain names. 
If a remote attacker were able to \nperform a man-in-the-middle attack, this flaw could be exploited to spoof \nSSL servers.", "edition": 5, "modified": "2014-04-02T00:00:00", "published": "2014-04-02T00:00:00", "id": "USN-2159-1", "href": "https://ubuntu.com/security/notices/USN-2159-1", "title": "NSS vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "cvelist": ["CVE-2013-1740"], "description": "Invalid TLS False Start feature implementation.", "edition": 1, "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "SECURITYVULNS:VULN:13536", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13536", "title": "Mozilla NSS SSL connection spoofing", "type": "securityvulns", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "cvelist": ["CVE-2013-1740"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2088-1\r\nJanuary 23, 2014\r\n\r\nnss vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n- Ubuntu 12.10\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nNSS could be made to expose sensitive information over the network.\r\n\r\nSoftware Description:\r\n- nss: Network Security Service library\r\n\r\nDetails:\r\n\r\nBrian Smith discovered that NSS incorrectly handled the TLS False Start\r\nfeature. 
If a remote attacker were able to perform a man-in-the-middle\r\nattack, this flaw could be exploited to spoof SSL servers.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n libnss3 2:3.15.4-0ubuntu0.13.10.1\r\n\r\nUbuntu 12.10:\r\n libnss3 3.15.4-0ubuntu0.12.10.1\r\n\r\nUbuntu 12.04 LTS:\r\n libnss3 3.15.4-0ubuntu0.12.04.1\r\n\r\nUbuntu 10.04 LTS:\r\n libnss3-1d 3.15.4-0ubuntu0.10.04.1\r\n\r\nAfter a standard system update you need to restart any applications that\r\nuse NSS, such as Evolution and Chromium, to make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2088-1\r\n CVE-2013-1740\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/nss/2:3.15.4-0ubuntu0.13.10.1\r\n https://launchpad.net/ubuntu/+source/nss/3.15.4-0ubuntu0.12.10.1\r\n https://launchpad.net/ubuntu/+source/nss/3.15.4-0ubuntu0.12.04.1\r\n https://launchpad.net/ubuntu/+source/nss/3.15.4-0ubuntu0.10.04.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "edition": 1, "modified": "2014-01-29T00:00:00", "published": "2014-01-29T00:00:00", "id": "SECURITYVULNS:DOC:30257", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30257", "title": "[USN-2088-1] NSS vulnerability", "type": "securityvulns", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:50", "bulletinFamily": "software", "cvelist": ["CVE-2014-1492"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:066\r\n http://www.mandriva.com/en/support/security/\r\n 
_______________________________________________________________________\r\n\r\n Package : nss\r\n Date : March 20, 2014\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in mozilla NSS:\r\n \r\n In a wildcard certificate, the wildcard character should not be\r\n embedded within the U-label of an internationalized domain name. See\r\n the last bullet point in RFC 6125, Section 7.2 (CVE-2014-1492).\r\n \r\n The updated packages have been upgraded to the latest NSPR (4.10.4)\r\n and NSS (3.16) versions which is not vulnerable to this issue.\r\n \r\n Additionally the rootcerts package has also been updated to version\r\n 1.97, which adds, removes, and distrusts several certificates.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492\r\n https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes\r\n https://bugzilla.mozilla.org/show_bug.cgi?id=903885\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n 
_______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. 
You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFTKxT3mqjQ0CJFipgRAo4BAKCuBFcWolEbqGdUVwaVYTumVyeYFQCgz86O\r\nuqAZHLu9OH0gxVEblX+eoh0=\r\n=N99Y\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2014-03-24T00:00:00", "published": "2014-03-24T00:00:00", "id": "SECURITYVULNS:DOC:30375", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30375", "title": "[ MDVSA-2014:066 ] nss", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:11", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1740"], "description": "New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current\nto fix a security issue.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/mozilla-nss-3.15.4-i486-1_slack14.1.txz: Upgraded.\n Upgraded to nss-3.15.4 and nspr-4.10.3.\n Fixes a possible man-in-the-middle issue.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mozilla-nss-3.15.4-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mozilla-nss-3.15.4-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mozilla-nss-3.15.4-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mozilla-nss-3.15.4-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/mozilla-nss-3.15.4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/mozilla-nss-3.15.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n25d19027bc005b90eb5f2b011ff7d796 mozilla-nss-3.15.4-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n67363d6009a95cdd2493ea32a7570199 mozilla-nss-3.15.4-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n07839b5afc57ea47abb1466a4ea2df1c mozilla-nss-3.15.4-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nf4a3f0dd24e741250835f9e974af6b45 mozilla-nss-3.15.4-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n11ec324bb08b840bb19e01ff73feffec l/mozilla-nss-3.15.4-i486-1.txz\n\nSlackware x86_64 -current package:\n5cb2976c86c99fe98dff6a508268012c l/mozilla-nss-3.15.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg mozilla-nss-3.15.4-i486-1_slack14.1.txz", "modified": "2014-01-28T14:58:39", "published": "2014-01-28T14:58:39", "id": "SSA-2014-028-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.389201", 
"type": "slackware", "title": "mozilla-nss", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-10-25T16:36:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1492"], "description": "New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/mozilla-nss-3.16-i486-1_slack14.1.txz: Upgraded.\n This update fixes a security issue:\n The cert_TestHostName function in lib/certdb/certdb.c in the\n certificate-checking implementation in Mozilla Network Security Services\n (NSS) before 3.16 accepts a wildcard character that is embedded in an\n internationalized domain name's U-label, which might allow man-in-the-middle\n attackers to spoof SSL servers via a crafted certificate.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! 
:-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mozilla-nss-3.16-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mozilla-nss-3.16-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mozilla-nss-3.16-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mozilla-nss-3.16-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/mozilla-nss-3.16-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/mozilla-nss-3.16-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n242bb80f2ee439a7efe3d6f65cbfe284 mozilla-nss-3.16-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n9a3431c219c1b5d167f5f5b08dc14e4f mozilla-nss-3.16-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\necf19523a07ce5da094ec81f60104eb0 mozilla-nss-3.16-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n73507c2d51dd0253f3d481b12301ac3a mozilla-nss-3.16-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n3e887a5c8ede8766cb9520018d4b8585 l/mozilla-nss-3.16-i486-1.txz\n\nSlackware x86_64 -current package:\n905c99253e181cfcdf89096a8326d8cf l/mozilla-nss-3.16-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg mozilla-nss-3.16-i486-1_slack14.1.txz", "modified": "2014-03-28T22:54:39", "published": "2014-03-28T22:54:39", "id": "SSA-2014-086-04", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.414472", "type": "slackware", 
"title": "[slackware-security] mozilla-nss", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "intothesymmetry": [{"lastseen": "2017-07-29T13:22:30", "bulletinFamily": "blog", "cvelist": ["CVE-2014-1491"], "description": "tl;dr While the TLS servers attacks has been pretty much studied and fixed (see e.g. [https://www.secure-resumption.com/](<https://hackerone.com/redirect?signature=b1dd4a474bb9573a4ea8dba3f5904d0d650dd497&url=https%3A%2F%2Fwww.secure-resumption.com%2F> \"https://www.secure-resumption.com/\" ) and [https://weakdh.org/](<https://hackerone.com/redirect?signature=fb20be7dfab1de205e220b701d3cd806e9f37082&url=https%3A%2F%2Fweakdh.org%2F> \"https://weakdh.org/\" )) the situation with the TLS clients is (was) not ideal and can be improved. Here I report a Small subgroup attack for TLS clients that I performed against various browsers and reported. \n \nWhoever reads this blog is used to read about [OAuth](<http://oauth.net/2/>) . \nFor once (and maybe more in the future) let's hijack the usual topic and let's talk about my new \"passion\" : [TLS ](<https://en.wikipedia.org/wiki/Transport_Layer_Security>)in particular [Diffie\u2013Hellman](<https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange>) (DH from now on). \n \nNow, before to start I need to clarify one thing **IANAC (I am not a cryptographer)** so I might likely end up writing a bunch of mistakes in this blog post... \n \nDiffie-Hellman is used in SSL/TLS, as \"ephemeral Diffie-Hellman\" (EDH) and it is probably going to be kill soonish (or at least is the [intent of Google Chrome](<https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/dYyhKHPnrI0>)). FWIW I personally agree with this unless EDH implements the [Negotiated Finite Field specification](<https://tools.ietf.org/html/draft-ietf-tls-negotiated-ff-dhe-10>). 
\n \nNow in the last years there were at least a couple of issues that affected EDH: \n\n\n * [Triple Handshakes](<https://www.secure-resumption.com/>)\n * [Logjam Attack](<https://weakdh.org/>)\nWhat I am going to describe here is by far less severe than the issues above. Indeed it has been rated by [Mozilla NSS as security moderate](<https://bugzilla.mozilla.org/show_bug.cgi?id=1160139>) and [Google Chrome did not consider it harmful at all](<https://code.google.com/p/chromium/issues/detail?id=482950>) (and since [Adam Langley](<http://imperialviolet.org/>) is one of the people that is on this side I've got to agree with him :) ). \n \nBut here are the details: \n \nWhen using TLS_DHE_RSA_WITH_AES_128_CBC_SHA Firefox/Chrome don't accept degenerate public keys of value 0, 1 and -1 since these keys lead to a pms that is in {0, 1, -1}. \nThis (the -1 case) is probably a consequence of CVE-2014-1491 (raised as part of the [Triple Handshake Attack](<https://www.secure-resumption.com/>)). \n \nI will refer to the classic Diffie-Hellman nomenclature \n\n\n * p as the prime number\n * g the generator with order p-1 = q\n * y public key\n * x private key\n\n## Observation \n\nIf (p-1)/4 = 0 (mod p) then if I choose my private key x = (p-1)/4 then my public key \ny = g^x will generate a prime-order subgroup of size 4. \n \nThis means that Mozilla/Chrome will agree on a pms = 1 one time out of 4. \n \n\n\n## The issue\n\nI set up a server with \n \np = 13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084241 \ng = 3 \nq =1 \n \nand TLS_DHE_RSA_WITH_AES_128_CBC_SHA as cipher. 
\n \nDuring the negotiation with Chrome I always choose \n \nx = (p-1)/4 = 3351951982485649274893506249551461531869841455148098344430890360930441007518386744200468574541725856922507964546621512713438470702986642486608412251521060 \n \nand pass \n \ny = 11130333445084706427994000041243435077443611277989851635896953056790400956946719341695219235480436483595595868058263313228038179294276393680262837344694991 \n \nChrome/Firefox will happily \"agree\" on those 4 pms \n\n\n * 1\n * 2277474484857890671580024956962411050035754542602541741826608386931363073126827635106655062686466944094435990128222737625715703517670176266170811661389250\n * 13407807929942597099574024998205846127479365820592393377723561443721764030073546976801874298166903427690031858186486050853753882811946569946433649006084240\n * 11130333445084706427994000041243435077443611277989851635896953056790400956946719341695219235480436483595595868058263313228038179294276393680262837344694991\n \nOf course the \"worst\" one is 1 and happens 1 time out of 4 (according to [Adam Langley](<http://imperialviolet.org/>) though \"there's nothing special about sending an odd DH value, it could equally well make its DH private key equal to 42\"). 
So no big deal :( \n \nJust for the record even the easier suggestion given in [1] aka \n** \n\"Make sure that g^x,g^y and g^xy do not equal to 1\"** \n \n is not followed and this happens with very high probability (25%) \n \n\n\n## The Summary\n\n \n\n\n * NSS: reported as [https://bugzilla.mozilla.org/show_bug.cgi?id=1160139](<https://hackerone.com/redirect?signature=7e2aa2a84237b56d6991f06ea93e3d715eb8bfa9&url=https%3A%2F%2Fbugzilla.mozilla.org%2Fshow_bug.cgi%3Fid%3D1160139> \"https://bugzilla.mozilla.org/show_bug.cgi?id=1160139\" ) (this is now fixed) and will be solved in the next version of Firefox \n * Chrome just switched to BoringSSL (previously it was also using NSS). I did report it in [https://code.google.com/p/chromium/issues/detail?id=482950](<https://hackerone.com/redirect?signature=5c6153e640ab14593e569cd848c0fa6825803318&url=https%3A%2F%2Fcode.google.com%2Fp%2Fchromium%2Fissues%2Fdetail%3Fid%3D482950> \"https://code.google.com/p/chromium/issues/detail?id=482950\" ) but it is **NOT** considered harmful by them \n * The situation for Safari is a bit of a disaster at the moment. See also [http://www.openwall.com/lists/oss-security/2014/03/04/8](<https://hackerone.com/redirect?signature=6ede81e44ff2217ce1318b056db0f9795362ecaf&url=http%3A%2F%2Fwww.openwall.com%2Flists%2Foss-security%2F2014%2F03%2F04%2F8> \"http://www.openwall.com/lists/oss-security/2014/03/04/8\" ) . I will try to report somehow downstream to Konqueror\n \n[1][ http://crypto.cs.mcgill.ca/~stiglic/Papers/dhfull.pdf](<http://crypto.cs.mcgill.ca/~stiglic/Papers/dhfull.pdf>)", "modified": "2016-10-24T06:29:52", "published": "2015-12-22T13:29:00", "id": "INTOTHESYMMETRY:B03F7642DA15D61E22B6B3EFD6F539A4", "href": "http://blog.intothesymmetry.com/2015/12/small-subgroup-attack-in-mozilla-nss.html", "type": "intothesymmetry", "title": "Small subgroup attack in Mozilla NSS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}