104 matches found
Debian DLA-677-1 : nss security update
The Network Security Service NSS libraries uses environment variables to configure lots of things, some of which refer to file system locations. Others can be degrade the operation of NSS in various ways, forcing compatibility modes and so on. Previously, these environment variables were not...
nspr, nss security update
CentOS Errata and Security Advisory CESA-2016:0685 An update for nss, nspr, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whi...
CentOS Update for nss-util CESA-2016:0591 centos6
Check the version of nss-util SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882447";...
FreeBSD : NSS -- multiple vulnerabilities (c4292768-5273-4f17-a267-c5fe35125ce4)
Mozilla Foundation reports : Security researcher Francis Gabriel reported a heap-based buffer overflow in the way the Network Security Services NSS libraries parsed certain ASN.1 structures. An attacker could create a specially crafted certificate which, when parsed by NSS, would cause it to cras...
SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2014:0248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nss security update
CentOS Errata and Security Advisory CESA-2015:1185 Updated nss and nss-util packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact...
SuSE 11.3 Security Update : mozilla-nss (SAT Patch Number 9777)
Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. - Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services NSS libraries affecting all versions. He discovered that NSS is vulnerable to a variant ...
Updated nss packages fix CVE-2014-1568
Updated nss packages fix security vulnerability: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services NSS libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack...
Google Chrome < 37.0.2062.124 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.124. It is, therefore, affected by an issue in the Network Security Services NSS libraries. This issue is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forgery of RSA...
Google Chrome < 37.0.2062.124 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.124. It is, therefore, affected by an issue in the Network Security Services NSS libraries. This issue is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forgery...
RSA Signature Forgery in NSS — Mozilla
Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services NSS libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is...
openSUSE Security Update : nss-201112 (openSUSE-SU-2012:0030-1) (BEAST)
The Mozilla NSS libraries were updated to version 3.13.1 to fix various bugs and security problems. Following security issues were fixed : - SSL 2.0 is disabled by default - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong CVE-2011-3389 is...
SuSE 11.3 Security Update : MozillaFirefox (SAT Patch Number 8879)
This updates the Mozilla Firefox browser to the 24.3.0ESR security release. The Mozilla NSS libraries are now on version 3.15.4. The following security issues have been fixed : - Memory safety bugs fixed in Firefox ESR 24.3 and Firefox 27.0 CVE-2014-1477bnc862345. MFSA 2014-01 - Using XBL scopes...
Mozilla Thunderbird < 24.3 Multiple Vulnerabilities
Binary data 8100.prm...
CentOS Update for nss-util CESA-2013:1829 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 10.10 / 11.04 : nss vulnerability (USN-1197-4)
USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for the Network Security Service libraries NSS. USN-1197-1 It was discovered that Dutch...
Mandriva Security Advisory MDVSA-2009:197-3 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197-3. OpenVAS Vulnerability Test $Id: mdksa20091973.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:197-3 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird)
The remote host is missing an update to mozilla-thunderbird announced via advisory MDVSA-2009:216. OpenVAS Vulnerability Test $Id: mdksa2009216.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:216 mozilla-thunderbird Authors: Thomas Reinke Copyright:...
Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)
Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate CVE-2009-2408 and md2 algorithm flaws CVE-2009-2409, and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate CVE-2009-2404. This updat...
Mandriva Update for mozilla-firefox MDKSA-2007:050-1 (mozilla-firefox)
Check for the Version of mozilla-firefox OpenVAS Vulnerability Test Mandriva Update for mozilla-firefox MDKSA-2007:050-1 mozilla-firefox Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...