19 matches found
EUVD-2013-1767
Malware in sbrugna...
CentOS Update for nss CESA-2014:1246 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20140916)
A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. CVE-2013-1740 A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker coul...
Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Oracle Traffic Director Multiple Vulnerabilities (July 2014 CPU)
The remote host is running an unpatched version of Oracle Traffic Director that is affected by the following vulnerabilities : - The implementation of Network Security Services NSS does not ensure that data structures are initialized, which could result in a denial of service or disclosure of...
CentOS Update for nss CESA-2014:0917 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for nss-util CESA-2014:0917 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nspr, nss security update
CentOS Errata and Security Advisory CESA-2014:0917 Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security...
Scientific Linux Security Update : nss and nspr on SL6.x i386/x86_64 (20140722)
A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. CVE-2014-1544 A flaw was found in the way TLS False Start...
nss: false start PR_Recv information disclosure security issue
A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server...
Critical: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base...
Oracle iPlanet Web Proxy Server 4.0 < 4.0.24 Multiple Vulnerabilities
The remote host has a version of Oracle iPlanet Web Proxy Server formerly Sun Java System Web Proxy Server 4.0 prior to 4.0.24. It is, therefore, affected by the following vulnerabilities : - The implementation of Network Security Services NSS does not ensure that data structures are initialized,...
[USN-2088-1] NSS vulnerability
========================================================================== Ubuntu Security Notice USN-2088-1 January 23, 2014 nss vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Ubuntu Update for nss USN-2088-1
Check for the Version of nss OpenVAS Vulnerability Test $Id: gbubuntuUSN20881.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for nss USN-2088-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you ca...
USN-2088-1: NSS vulnerability
Brian Smith discovered that NSS incorrectly handled the TLS False Start feature. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to spoof SSL servers...
Mandriva Linux Security Advisory : nss (MDVSA-2014:012)
A vulnerability has been discovered and corrected in Mozilla NSS : The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an...
CVE-2013-1740
The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...
DEBIAN-CVE-2013-1740
The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...
CVE-2013-1740
The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services NSS before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...