Exploit the possiblities
Showing 1 - 6 of 6 RSS Feed

CVE-2017-7502

Status Candidate

Overview

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

Related Files

Ubuntu Security Notice USN-3372-1
Posted Jul 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3372-1 - It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2017-7502
MD5 | ab98a35fa8ae3d8507d56b71d1998766
Red Hat Security Advisory 2017-1712-01
Posted Jul 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1712-01 - Red Hat 3scale API Management Platform 2.0 is a platform for the management of access and traffic for web-based APIs across a variety of deployment options. Security Fix: It was found that RH-3scale AMP would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. The underlying container image was also rebuilt to resolve other security issues.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-1000364, CVE-2017-1000366, CVE-2017-7502, CVE-2017-7512
MD5 | 956dddcd24d616d3e3eb9855a25dca7e
Ubuntu Security Notice USN-3336-1
Posted Jun 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3336-1 - It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-7502
MD5 | 7617cdd35e7baf76e62633c0fac373e3
Red Hat Security Advisory 2017-1567-01
Posted Jun 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1567-01 - Red Hat Container Development Kit is a platform for developing containerized applicationsaaait is a set of tools that enables developers to quickly and easily set up an environment for developing and testing containerized applications on the Red Hat Enterprise Linux platform. With this update, Container Development Kit has been updated to 3.0.0-2, which includes an updated Red Hat Enterprise Linux ISO that contains fixes for the following security issues. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-1000364, CVE-2017-1000366, CVE-2017-7502
MD5 | db61fe9d6bab1e49dcbb4100de883474
Red Hat Security Advisory 2017-1364-01
Posted May 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1364-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7502
MD5 | 3e36105d4d6b1e6240db73cfc5435a01
Red Hat Security Advisory 2017-1365-03
Posted May 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1365-03 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7502
MD5 | d84895835cddf679339ba8d2909c9918
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close