Security Bulletin: Multiple vulnerabilities in Network Security Services (NSS) component affect SAN Volume Controller, Storwize family and FlashSystem V9000 products.

Summary Vulnerabilities in Network Security Services NSS component affect IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. Though the CVE descriptions below document the vulnerabilities in the context of the Mozilla product, the IBM SAN Volume Controller, Storwize Family...

SUSE: Security Advisory (SUSE-SU-2017:1175-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group...

CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group...

CVE-2016-8635

CVE-2016-8635 describes a small subgroup confinement attack in the Diffie-Hellman client key exchange within NSS 3.21.x, enabling potential private-key recovery. Connected docs show NSS-related advisories affecting IBM PowerKVM (PowerKVM 2.1/3.1 lines; fixes via PowerKVM updates to 2.1.1.3-65 and...

Security Bulletin: IBM Security Access Manager appliances are affected by vulnerabilities in Network Security Services (NSS) (CVE-2016-2834, CVE-2016-5285, CVE-2016-8635)

Summary Vulnerabilities have been identified in the Network Security Services NSS libraries. IBM Security Access Manager appliances use NSS and are affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-2834 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla...

Security Bulletin: Vulnerabilities in Mozilla Network Security Services (NSS) affect IBM MQ Appliance (CVE-2016-2834, CVE-2016-5285, CVE-2016-8635)

Summary Security vulnerabilities in Mozilla Network Security Services NSS affect IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2834 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote...

Amazon Linux AMI : nss-util / nss,nss-softokn (ALAS-2016-774)

CVE-2016-2834 nss: Multiple security flaws MFSA 2016-61 Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the...

CentOS Update for nss CESA-2016:2779 centos5

Check for the Version of nss SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882596";...

CentOS Update for nss-util CESA-2016:2779 centos6

Check for the Version of nss-util SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882593";...

nss security update

CentOS Errata and Security Advisory CESA-2016:2779 An update for nss and nss-util is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

OracleVM 3.3 / 3.4 : nssnss-util (OVMSA-2016-0159)

The remote OracleVM system is missing necessary patches to address critical security updates : nss - Added nss-vendor.patch to change vendor - Mozilla 1314604 / Red Hat CVE-2016-8635 - remove disablehwgcm.patch which hasn't been used since 3.16.1 - Rebase to NSS 3.21.3 - Resolves: 1383885 nss-uti...

OracleVM 3.2 : nss (OVMSA-2016-0160)

The remote OracleVM system is missing necessary patches to address critical security updates : - Mozilla 1314604 / Red Hat CVE-2016-8635 - Rebase to NSS 3.21.3 - Resolves: Bug 1347908 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle...

Oracle Linux 5 / 6 / 7 : nss / and / nss-util (ELSA-2016-2779)

The remote Oracle Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2779 advisory. - Mozilla 1314604 / Red Hat CVE-2016-8635 - Remove patch for CVE-2016-1950, which is included in the release Tenable has extracted the precedin...

Moderate: Red Hat Security Advisory: nss and nss-util security update

An update for nss and nss-util is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group...

nss and nss-util security update

nss 3.21.3-2.0.1 - Added nss-vendor.patch to change vendor 3.21.3-2 - Mozilla 1314604 / Red Hat CVE-2016-8635 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to NSS 3.21.3 - Resolves: 1383887 nss-util 3.21.3-1.1 - rebuild 3.21.3-1 - Rebase to nss-3.21.3 - Remove patch for CVE-2016-1950, which is included ...

RHEL 5 / 6 / 7 : nss and nss-util (RHSA-2016:2779)

The remote Redhat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2779 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client an...