Oracle iPlanet Web Server 6.1.x < 6.1.21 / 7.0.x < 7.0.22 NSS Signature Handling Remote Code Injection

According to its self-reported version, the Oracle iPlanet Web Server formerly known as Sun Java System Web Server running on the remote host is 6.1.x prior to 6.1.21 or 7.0.x prior to 7.0.22. It is, therefore, affected by a flaw in the definitelengthdecoder function in the Network Security...

Oracle iPlanet Web Proxy Server 4.0.x < 4.0.26 NSS Signature Handling Remote Code Injection

According to its self-reported version, the Oracle iPlanet Web Proxy Server formerly known as Sun Java System Web Proxy Server installed on the remote host is version 4.0.x prior to 4.0.26. It is, therefore, affected by a flaw in the definitelengthdecoder function in the Network Security Services...

[SECURITY] [DSA 3186-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3186-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 13, 2015 http://www.debian.org/security/faq -...

DSA-3186-1 nss - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3186-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2452-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : NSS vulnerability (USN-2452-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2452-1 advisory. It was discovered that NSS incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack. Tenable...

USN-2452-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack...

DEBIAN-CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

UBUNTU-CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...