Gentoo Linux Security Advisory 201701-46 - Multiple vulnerabilities have been found in NSS, the worst of which could allow remote attackers to obtain access to private key information. Versions less than 3.28 are affected.
0f6eee195afeafb86e9cd1a3fcd4d929Ubuntu Security Notice 3163-1 - It was discovered that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Hubert Kario discovered that NSS incorrectly handled Diffie Hellman client key exchanges. A remote attacker could possibly use this flaw to perform a small subgroup confinement attack and recover private keys. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
df53290af5a09c78788e618507be699cRed Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.
8cd3de67f016ea07b1bfbf7a73b94364
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed