Download
| Alert*
oval:org.secpod.oval:def:23613
nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:52303 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:52144 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:700974 nss: Network Security Service library Details: USN-1540-1 fixed vulnerabilities in NSS. This update provides the corresponding updates for Ubuntu 12.04 LTS. Original advisory NSS could be made to crash if it opened a specially crafted certificate. oval:org.secpod.oval:def:701774 libnss3 is installed oval:org.secpod.oval:def:701522 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702214 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:702350 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:38613 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:78158 Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in nss, the Mozilla Network Security Service library, may result in denial of service. oval:org.secpod.oval:def:88522 nss: Network Security Service library NSS could be made to stop responding if it received a specially crafted message. oval:org.secpod.oval:def:605772 Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in nss, the Mozilla Network Security Service library, may result in denial of service. oval:org.secpod.oval:def:707623 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:82146 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:701215 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702222 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:52304 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:52373 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:52517 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702634 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:51696 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:51777 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:703578 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:703416 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:703674 nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703826 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51906 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:603127 Martin Thomson discovered that nss, the Mozilla Network Security Service library, is prone to a use-after-free vulnerability in the TLS 1.2 implementation when handshake hashes are generated. A remote attacker can take advantage of this flaw to cause an application using the nss library to crash, re ... oval:org.secpod.oval:def:51832 nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:53152 Martin Thomson discovered that nss, the Mozilla Network Security Service library, is prone to a use-after-free vulnerability in the TLS 1.2 implementation when handshake hashes are generated. A remote attacker can take advantage of this flaw to cause an application using the nss library to crash, re ... oval:org.secpod.oval:def:51186 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:704432 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:51230 nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:704658 nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:2005269 A vulnerability exists where it possible to force Network Security Services to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability af ... oval:org.secpod.oval:def:705515 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:52666 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:52703 nss: Network Security Service library NSS could be made to expose sensitive information. oval:org.secpod.oval:def:702824 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702977 nss: Network Security Service library NSS could be made to expose sensitive information. oval:org.secpod.oval:def:703017 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:703201 nss: Network Security Service library NSS could be made to crash or run programs if it processed specially crafted network traffic. oval:org.secpod.oval:def:702915 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51600 nss: Network Security Service library NSS could be made to crash or run programs if it processed specially crafted network traffic. oval:org.secpod.oval:def:52733 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:52617 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:701490 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702201 nss: Network Security Service library NSS could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:701550 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:52292 nss: Network Security Service library NSS could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:601739 Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library: CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls. CVE-2013-5606 Certificate validation with the verifylog mode did not retu ... oval:org.secpod.oval:def:701624 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:89354 Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag attributes in nss, the Mozilla Network Security Service library, may result in execution of arbitrary code if a specially crafted PKCS 12 certificate bundle is processed. oval:org.secpod.oval:def:89402 nss: Network Security Service library Several security issues were fixed in NSS. |