Lucene search
Symantec Security ResponseSMNTC-111311HistoryDec 26, 2019 - 12:00 a.m.
Mozilla Network Security Services CVE-2019-17006 Heap Buffer Overflow Vulnerability
2019-12-2600:00:00
Symantec Security Response
www.symantec.com
125
Description
Mozilla Network Security Services (NSS) is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Mozilla Network Security Services (NSS) versions prior to 3.46 are vulnerable.
Technologies Affected
- Mozilla Network Security Services (NSS) 3.11
- Mozilla Network Security Services (NSS) 3.11.2
- Mozilla Network Security Services (NSS) 3.11.3
- Mozilla Network Security Services (NSS) 3.11.4
- Mozilla Network Security Services (NSS) 3.11.5
- Mozilla Network Security Services (NSS) 3.12
- Mozilla Network Security Services (NSS) 3.12.1
- Mozilla Network Security Services (NSS) 3.12.10
- Mozilla Network Security Services (NSS) 3.12.11
- Mozilla Network Security Services (NSS) 3.12.2
- Mozilla Network Security Services (NSS) 3.12.3
- Mozilla Network Security Services (NSS) 3.12.3.1
- Mozilla Network Security Services (NSS) 3.12.3.2
- Mozilla Network Security Services (NSS) 3.12.4
- Mozilla Network Security Services (NSS) 3.12.5
- Mozilla Network Security Services (NSS) 3.12.6
- Mozilla Network Security Services (NSS) 3.12.7
- Mozilla Network Security Services (NSS) 3.12.8
- Mozilla Network Security Services (NSS) 3.12.9
- Mozilla Network Security Services (NSS) 3.13.3
- Mozilla Network Security Services (NSS) 3.13.4
- Mozilla Network Security Services (NSS) 3.14
- Mozilla Network Security Services (NSS) 3.14.1
- Mozilla Network Security Services (NSS) 3.14.2
- Mozilla Network Security Services (NSS) 3.14.3
- Mozilla Network Security Services (NSS) 3.14.4
- Mozilla Network Security Services (NSS) 3.14.5
- Mozilla Network Security Services (NSS) 3.15
- Mozilla Network Security Services (NSS) 3.15.1
- Mozilla Network Security Services (NSS) 3.15.2
- Mozilla Network Security Services (NSS) 3.15.3
- Mozilla Network Security Services (NSS) 3.15.3.1
- Mozilla Network Security Services (NSS) 3.15.4
- Mozilla Network Security Services (NSS) 3.15.5
- Mozilla Network Security Services (NSS) 3.16
- Mozilla Network Security Services (NSS) 3.16.2.1
- Mozilla Network Security Services (NSS) 3.16.5
- Mozilla Network Security Services (NSS) 3.17
- Mozilla Network Security Services (NSS) 3.17.1
- Mozilla Network Security Services (NSS) 3.17.3
- Mozilla Network Security Services (NSS) 3.19.1
- Mozilla Network Security Services (NSS) 3.19.2.3
- Mozilla Network Security Services (NSS) 3.2.0
- Mozilla Network Security Services (NSS) 3.2.1
- Mozilla Network Security Services (NSS) 3.20
- Mozilla Network Security Services (NSS) 3.20.1
- Mozilla Network Security Services (NSS) 3.20.2
- Mozilla Network Security Services (NSS) 3.21
- Mozilla Network Security Services (NSS) 3.21.1
- Mozilla Network Security Services (NSS) 3.21.4
- Mozilla Network Security Services (NSS) 3.23
- Mozilla Network Security Services (NSS) 3.24.0
- Mozilla Network Security Services (NSS) 3.28.0
- Mozilla Network Security Services (NSS) 3.28.4
- Mozilla Network Security Services (NSS) 3.29
- Mozilla Network Security Services (NSS) 3.29.1
- Mozilla Network Security Services (NSS) 3.29.2
- Mozilla Network Security Services (NSS) 3.29.3
- Mozilla Network Security Services (NSS) 3.29.4
- Mozilla Network Security Services (NSS) 3.29.5
- Mozilla Network Security Services (NSS) 3.3.0
- Mozilla Network Security Services (NSS) 3.3.1
- Mozilla Network Security Services (NSS) 3.3.2
- Mozilla Network Security Services (NSS) 3.30
- Mozilla Network Security Services (NSS) 3.30.1
- Mozilla Network Security Services (NSS) 3.30.2
- Mozilla Network Security Services (NSS) 3.31
- Mozilla Network Security Services (NSS) 3.31.1
- Mozilla Network Security Services (NSS) 3.32
- Mozilla Network Security Services (NSS) 3.33
- Mozilla Network Security Services (NSS) 3.34
- Mozilla Network Security Services (NSS) 3.34.1
- Mozilla Network Security Services (NSS) 3.35
- Mozilla Network Security Services (NSS) 3.36
- Mozilla Network Security Services (NSS) 3.36.1
- Mozilla Network Security Services (NSS) 3.36.2
- Mozilla Network Security Services (NSS) 3.36.3
- Mozilla Network Security Services (NSS) 3.36.4
- Mozilla Network Security Services (NSS) 3.36.5
- Mozilla Network Security Services (NSS) 3.36.6
- Mozilla Network Security Services (NSS) 3.36.7
- Mozilla Network Security Services (NSS) 3.37
- Mozilla Network Security Services (NSS) 3.37.1
- Mozilla Network Security Services (NSS) 3.38
- Mozilla Network Security Services (NSS) 3.39
- Mozilla Network Security Services (NSS) 3.4.0
- Mozilla Network Security Services (NSS) 3.4.1
- Mozilla Network Security Services (NSS) 3.4.2
- Mozilla Network Security Services (NSS) 3.40
- Mozilla Network Security Services (NSS) 3.40.1
- Mozilla Network Security Services (NSS) 3.41
- Mozilla Network Security Services (NSS) 3.41.1
- Mozilla Network Security Services (NSS) 3.5.0
- Mozilla Network Security Services (NSS) 3.6.0
- Mozilla Network Security Services (NSS) 3.6.1
- Mozilla Network Security Services (NSS) 3.7.0
- Mozilla Network Security Services (NSS) 3.7.1
- Mozilla Network Security Services (NSS) 3.7.2
- Mozilla Network Security Services (NSS) 3.7.3
- Mozilla Network Security Services (NSS) 3.7.5
- Mozilla Network Security Services (NSS) 3.7.7
- Mozilla Network Security Services (NSS) 3.8.0
- Mozilla Network Security Services (NSS) 3.9.0
- Mozilla Network Security Services (NSS) 3.9.2
- Redhat Enterprise Linux 7
- Redhat Enterprise Linux 8
Recommendations
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit.
Do not accept or execute files from untrusted or unknown sources.
To limit exposure to these and other latent vulnerabilities, never handle files that originate from unfamiliar or untrusted sources.
Implement multiple redundant layers of security.
As an added precaution, deploy memory-protection schemes (such as nonexecutable stack/heap configuration and randomly mapped memory segments). This may complicate exploits of memory-corruption vulnerabilities.
Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, run applications with the minimal amount of privileges required for functionality.
Updates are available. Please see the references or vendor advisory for more information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat enterprise linux | eq | 7 | |
| redhat enterprise linux | eq | 8 |
Related
nessus
nessus
Siemens RUGGEDCOM ROX II Insufficient Verification of Data Authenticity (CVE-2019-17006)
2023-09-14 00:00:00
Debian DLA-2058-1 : nss security update
2020-01-07 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : NSS vulnerability (USN-4231-1)
2020-01-09 00:00:00
ibm
ibm
osv
osv
nss - security update
2020-01-06 00:00:00
nss - security update
2020-07-17 00:00:00
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
openvas
openvas
Ubuntu: Security Advisory (USN-4231-1)
2020-01-09 00:00:00
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1030)
2021-01-08 00:00:00
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1011)
2021-01-08 00:00:00
debiancve
debiancve
CVE-2019-17006
2020-10-22 21:15:00
cve
cve
CVE-2019-17006
2020-10-22 21:15:00
ubuntu
ubuntu
NSS vulnerability
2020-01-08 00:00:00
ubuntucve
ubuntucve
CVE-2019-17006
2019-12-31 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-04 02:02:53
debian
debian
[SECURITY] [DLA 2058-1] nss security update
2020-01-06 23:25:44
[SECURITY] [DSA 4726-1] nss security update
2020-07-17 18:06:14
[SECURITY] [DLA 2388-1] nss security update
2020-09-29 19:15:28
redhatcve
redhatcve
CVE-2019-17006
2019-12-26 06:08:47
prion
prion
Buffer overflow
2020-10-22 21:15:00
suse
suse
Security update for mozilla-nspr, mozilla-nss (important)
2020-06-24 00:00:00
Security update for mozilla-nspr, mozilla-nss (moderate)
2020-01-12 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-3.0-0474
2022-10-21 00:00:00
redhat
redhat
(RHSA-2021:1026) Moderate: nss-softokn security update
2021-03-30 07:24:03
(RHSA-2021:0758) Moderate: nss-softokn security update
2021-03-09 08:47:28
(RHSA-2021:0876) Moderate: nss and nss-softokn security update
2021-03-16 13:07:08
oraclelinux
oraclelinux
nss and nspr security, bug fix, and enhancement update
2020-08-04 00:00:00
nss and nspr security, bug fix, and enhancement update
2020-10-08 00:00:00
almalinux
almalinux
Moderate: nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
rocky
rocky
nss and nspr security, bug fix, and enhancement update
2020-08-03 12:45:28
ics
ics
Siemens RUGGEDCOM ROX II
2021-02-09 12:00:00
amazon
amazon
Medium: nspr, nss-softokn, nss-util
2021-07-08 18:41:00
Medium: nspr, nss-softokn, nss-util, nss
2020-11-09 21:02:00
centos
centos
nspr, nss security update
2020-11-06 22:01:52
Related for SMNTC-111311