Lucene search
UbuntuUSN-740-1HistoryMar 17, 2009 - 12:00 a.m.
NSS vulnerability
2009-03-1700:00:00
ubuntu.com
54
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.2%
Releases
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 6.06
Packages
- firefox -
- nss -
Details
The MD5 algorithm is known not to be collision resistant. This update
blocklists the proof of concept rogue certificate authority as discussed
in <http://www.win.tue.nl/hashclash/rogue-ca/>.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | libnss3-1d | < 3.12.0.3-0ubuntu5.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libnss3-0d | < 3.12.0.3-0ubuntu5.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libnss3-1d | < dbg-3.12.0.3-0ubuntu5.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libnss3-dev | < 3.12.0.3-0ubuntu5.8.10.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libnss3-tools | < 3.12.0.3-0ubuntu5.8.10.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libnss3-0d | < 3.12.0.3-0ubuntu0.8.04.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libnss3-1d | < 3.12.0.3-0ubuntu0.8.04.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libnss3-1d-dbg | < 3.12.0.3-0ubuntu0.8.04.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libnss3-dev | < 3.12.0.3-0ubuntu0.8.04.5 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libnss3-tools | < 3.12.0.3-0ubuntu0.8.04.5 | UNKNOWN |
References
Related
openvas
openvas
Fedora Core 9 FEDORA-2009-1276 (nss)
2009-02-10 00:00:00
Fedora Core 10 FEDORA-2009-1291 (nss)
2009-02-10 00:00:00
Fedora Core 10 FEDORA-2009-1291 (nss)
2009-02-10 00:00:00
ubuntucve
ubuntucve
CVE-2004-2761
2009-01-05 00:00:00
f5
f5
SOL15578 - MD5 Message-Digest Algorithm vulnerability CVE-2004-2761
2014-09-11 00:00:00
K15578 : MD5 Message-Digest Algorithm vulnerability CVE-2004-2761
2014-09-11 00:00:00
veracode
veracode
Spoofing Attacks
2020-04-10 00:55:19
fedora
fedora
[SECURITY] Fedora 9 Update: nss-3.12.2.0-2.fc9
2009-02-05 02:13:54
[SECURITY] Fedora 10 Update: nss-3.12.2.0-4.fc10
2009-02-05 02:15:23
nessus
nessus
Fedora 10 : nss-3.12.2.0-4.fc10 (2009-1291)
2009-04-23 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : nss, firefox vulnerability (USN-740-1)
2009-04-23 00:00:00
SSL Certificate Signed Using Weak Hashing Algorithm (Known CA)
2016-12-08 00:00:00
cve
cve
CVE-2004-2761
2009-01-05 20:30:00
CVE-2016-0924
2016-09-18 02:59:00
prion
prion
Design/Logic Flaw
2016-09-18 02:59:00
github
github
SIF's Digital Signature Hash Algorithms Not Validated
2022-10-06 19:54:55
redhat
redhat
(RHSA-2010:0838) Moderate: pki security and enhancement update
2010-11-08 00:00:00
osv
osv
SIF's Digital Signature Hash Algorithms Not Validated
2022-10-06 19:54:55
ics
ics
Philips Intellispace Portal ISP Vulnerabilities
2018-02-27 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.2%
Related for USN-740-1