Gentoo Linux Security Advisory 201701-46 - Multiple vulnerabilities have been found in NSS, the worst of which could allow remote attackers to obtain access to private key information. Versions less than 3.28 are affected.
b1cd45ec7124022777ee15626d3b9e992a81649ff892fb429b6fc114d81bce0fUbuntu Security Notice 3163-1 - It was discovered that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Hubert Kario discovered that NSS incorrectly handled Diffie Hellman client key exchanges. A remote attacker could possibly use this flaw to perform a small subgroup confinement attack and recover private keys. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
f15f55fef0b6825de95e31019d060786dbe9ed259df4f47160b2533438a459f3Red Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.
df0b83d865da079f245658c46d7eff1eab3b336b9074b5a1419917a774b695c1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed