Lucene search
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2015-1699.NASLHistorySep 17, 2015 - 12:00 a.m.
RHEL 6 / 7 : nss-softokn (RHSA-2015:1699)
2015-09-1700:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
Updated nss-softokn packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks.
(CVE-2015-2730)
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Watson Ladd as the original reporter of this issue.
All nss-softokn users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2015:1699. The text
# itself is copyright (C) Red Hat, Inc.
#
include("compat.inc");
if (description)
{
script_id(85969);
script_version("1.12");
script_cvs_date("Date: 2019/10/24 15:35:40");
script_cve_id("CVE-2015-2730");
script_xref(name:"RHSA", value:"2015:1699");
script_name(english:"RHEL 6 / 7 : nss-softokn (RHSA-2015:1699)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated nss-softokn packages that fix one security issue are now
available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications.
A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve
Digital Signature Algorithm) signatures. Under certain conditions, an
attacker could use this flaw to conduct signature forgery attacks.
(CVE-2015-2730)
Red Hat would like to thank the Mozilla project for reporting this
issue. Upstream acknowledges Watson Ladd as the original reporter of
this issue.
All nss-softokn users are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue."
);
script_set_attribute(
attribute:"see_also",
value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2015:1699"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-2730"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-softokn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-softokn-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/05");
script_set_attribute(attribute:"patch_publication_date", value:"2015/09/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/17");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x / 7.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2015:1699";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL6", reference:"nss-softokn-3.14.3-23.el6_7")) flag++;
if (rpm_check(release:"RHEL6", reference:"nss-softokn-debuginfo-3.14.3-23.el6_7")) flag++;
if (rpm_check(release:"RHEL6", reference:"nss-softokn-devel-3.14.3-23.el6_7")) flag++;
if (rpm_check(release:"RHEL6", reference:"nss-softokn-freebl-3.14.3-23.el6_7")) flag++;
if (rpm_check(release:"RHEL6", reference:"nss-softokn-freebl-devel-3.14.3-23.el6_7")) flag++;
if (rpm_check(release:"RHEL7", reference:"nss-softokn-3.16.2.3-13.el7_1")) flag++;
if (rpm_check(release:"RHEL7", reference:"nss-softokn-debuginfo-3.16.2.3-13.el7_1")) flag++;
if (rpm_check(release:"RHEL7", reference:"nss-softokn-devel-3.16.2.3-13.el7_1")) flag++;
if (rpm_check(release:"RHEL7", reference:"nss-softokn-freebl-3.16.2.3-13.el7_1")) flag++;
if (rpm_check(release:"RHEL7", reference:"nss-softokn-freebl-devel-3.16.2.3-13.el7_1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nss-softokn / nss-softokn-debuginfo / nss-softokn-devel / etc");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | nss-softokn | p-cpe:/a:redhat:enterprise_linux:nss-softokn |
| redhat | enterprise_linux | nss-softokn-debuginfo | p-cpe:/a:redhat:enterprise_linux:nss-softokn-debuginfo |
| redhat | enterprise_linux | nss-softokn-devel | p-cpe:/a:redhat:enterprise_linux:nss-softokn-devel |
| redhat | enterprise_linux | nss-softokn-freebl | p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl |
| redhat | enterprise_linux | nss-softokn-freebl-devel | p-cpe:/a:redhat:enterprise_linux:nss-softokn-freebl-devel |
| redhat | enterprise_linux | 6 | cpe:/o:redhat:enterprise_linux:6 |
| redhat | enterprise_linux | 6.7 | cpe:/o:redhat:enterprise_linux:6.7 |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | 7.1 | cpe:/o:redhat:enterprise_linux:7.1 |
| redhat | enterprise_linux | 7.2 | cpe:/o:redhat:enterprise_linux:7.2 |
Related
prion
prion
Code injection
2015-07-06 02:01:00
oraclelinux
oraclelinux
nss-softokn security update
2015-09-01 00:00:00
nss security, bug fix, and enhancement update
2015-08-24 00:00:00
openvas
openvas
CentOS Update for nss-softokn CESA-2015:1699 centos7
2015-09-02 00:00:00
Mozilla Firefox Security Advisory (MFSA2015-64) - Linux
2021-11-11 00:00:00
RedHat Update for nss-softokn RHSA-2015:1699-01
2015-09-02 00:00:00
ibm
ibm
f5
f5
SOL15955144 - Mozilla NSS vulnerability CVE-2015-2730
2016-02-03 00:00:00
K15955144 : Mozilla NSS vulnerability CVE-2015-2730
2016-02-03 00:00:00
nessus
nessus
Amazon Linux AMI : nss-softokn (ALAS-2015-596)
2015-09-23 00:00:00
Scientific Linux Security Update : nss-softokn on SL6.x, SL7.x i386/x86_64 (20150901)
2015-09-03 00:00:00
Oracle Linux 6 / 7 : nss-softokn (ELSA-2015-1699)
2015-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2015-2730
2015-07-05 00:00:00
debiancve
debiancve
CVE-2015-2730
2015-07-06 02:01:00
redhat
redhat
(RHSA-2015:1699) Moderate: nss-softokn security update
2015-09-01 00:00:00
(RHSA-2015:1664) Moderate: nss security, bug fix, and enhancement update
2015-08-24 00:00:00
mozilla
mozilla
veracode
veracode
Spoofable ECDSA Signatures
2019-01-15 09:07:31
cvelist
cvelist
CVE-2015-2730
2015-07-06 01:00:00
amazon
amazon
Medium: nss-softokn
2015-09-22 10:00:00
centos
centos
nss security update
2015-09-01 15:35:07
nss security update
2015-08-24 18:12:13
cve
cve
CVE-2015-2730
2015-07-06 02:01:00
ubuntu
ubuntu
NSS vulnerabilities
2015-07-09 00:00:00
Firefox vulnerabilities
2015-07-15 00:00:00
Firefox vulnerabilities
2015-07-09 00:00:00
debian
debian
[SECURITY] [DSA 3336-1] nss security update
2015-08-17 19:13:08
[SECURITY] [DLA 315-1] nss security update
2015-09-27 11:36:49
[SECURITY] [DSA 3336-1] nss security update
2015-08-17 19:13:26
osv
osv
nss - security update
2015-09-27 00:00:00
nss - security update
2015-08-17 00:00:00
mageia
mageia
Updated firefox package fixes security vulnerability
2015-07-05 20:22:03
suse
suse
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-07-20 11:08:17
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-07-20 12:09:44
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-07-20 12:08:39
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-07-02 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-07-13 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00
Related for REDHAT-RHSA-2015-1699.NASL