Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : nss vulnerability (USN-2063-1)

It was discovered that an intermediate certificate was incorrectly issued by a subordinate certificate authority of a trusted CA included in NSS. This intermediate certificate could be used in a man-in-the-middle attack, and has such been marked as untrusted in this update. Note that Tenable...

ANSSI certificate is used for spoofing

ANSSI agency uses valid intermediate certificate in traffic sniffing device...

RedHat Update for ca-certificates RHSA-2013:1866-01

Check for the Version of ca-certificates OpenVAS Vulnerability Test RedHat Update for ca-certificates RHSA-2013:1866-01 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CentOS Update for nss CESA-2013:1861 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for ca-certificates CESA-2013:1866 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for nss CESA-2013:1861 centos5

Check for the Version of nss OpenVAS Vulnerability Test CentOS Update for nss CESA-2013:1861 centos5 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Ubuntu Update for nss USN-2063-1

Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN20631.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for nss USN-2063-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...

RedHat Update for nss RHSA-2013:1861-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for nss RHSA-2013:1861-01

Check for the Version of nss OpenVAS Vulnerability Test RedHat Update for nss RHSA-2013:1861-01 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

USN-2063-1: NSS vulnerability

It was discovered that an intermediate certificate was incorrectly issued by a subordinate certificate authority of a trusted CA included in NSS. This intermediate certificate could be used in a machine-in-the-middle attack, and has such been marked as untrusted in this update...

RHEL 5 / 6 : nss (RHSA-2013:1861)

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Network Security Services NSS is a set of libraries designed to support the cross-platform...

CentOS 6 : ca-certificates (CESA-2013:1866)

An updated ca-certificates package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. This package contains the set of CA certificates chosen by the Mozilla Foundation for use...

SuSE 11.2 Security Update : libfreebl3 (SAT Patch Number 8648)

Mozilla NSS has been updated to the 3.15.3.1 security release. The update blacklists an intermediate CA that was abused to create man in the middle certificates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

RHEL 6 : ca-certificates (RHSA-2013:1866)

An updated ca-certificates package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. This package contains the set of CA certificates chosen by the Mozilla Foundation for use...

Mozilla Thunderbird < 24.2 Multiple Vulnerabilities

Binary data 8071.prm...

Firefox ESR 24.x < 24.2 Multiple Vulnerabilities

The installed version of Firefox ESR 24.x is earlier than 24.2, and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two...

Firefox 26 Makes Java Plugins Click-to-Play, Fixes 14 Security Flaws

Mozilla has released a major new version of Firefox, which includes fixes for more than a dozen security vulnerabilities as well as an important change that makes all Java plugins click-to-play be default. This feature prevents those plugins from running automatically on Web pages, which helps...

Mis-issued ANSSI/DCSSI certificate — Mozilla

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle MITM traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information ANSSI, an agency of t...

French Government Impersonates Google Digital Certificate

Google last week revoked digital certificates for some of its domains that had been fraudulently signed by an intermediate certificate authority with links to France’s cyber-defense agency. The Agence Nationale de la Sécurité des Systèmes d’Information ANSSI claims that the spoofed Google...

Certificate update

Security Certificate update Share December 9th, 2013 Last week we became aware of the existence of several unauthorized security certificates, issued in violation of rules for creation of such certificates. The certificates chained back to a French certificate authority, ANSSI, and had been signe...