Download
| Alert*
oval:org.secpod.oval:def:1800258
nss is installed oval:org.secpod.oval:def:601359 nss is installed oval:org.secpod.oval:def:600611 Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS cry ... oval:org.secpod.oval:def:600223 This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as unstrusted. oval:org.secpod.oval:def:600938 Google, Inc. discovered that the TurkTrust certification authority included in the Network Security Service libraries mis-issued two intermediate CA"s which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CA"s. The two existing TurkTr ... oval:org.secpod.oval:def:600824 Kaspar Brand discovered that Mozilla"s Network Security Services library did insufficient length checking in the QuickDER decoder, allowing to crash a program using the library. oval:org.secpod.oval:def:600614 Several unauthorised SSL certificates have been found in the wild issued for the DigiNotar Certificate Authority, obtained through a security compromise with said company. Debian, like other software distributors, has as a precaution decided to disable the DigiNotar Root CA by default in the NSS cry ... oval:org.secpod.oval:def:601158 Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library . With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code. oval:org.secpod.oval:def:1800257 Mozilla Network Security Services before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect base64 operations. oval:org.secpod.oval:def:1800455 Mozilla Network Security Services before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect base64 operations. oval:org.secpod.oval:def:600647 This update to the NSS cryptographic libraries revokes the trust in the "DigiCert Sdn. Bhd" certificate authority |