 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.63331 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 10 FEDORA-2009-1291 (nss) |
| Summary: | The remote host is missing an update to nss;announced via advisory FEDORA-2009-1291.;Note: This VT has been deprecated and is therefore no longer functional. |
| Description: | Summary: The remote host is missing an update to nss announced via advisory FEDORA-2009-1291. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. Update Information: This updates adds protection against rogue CA that was generated as a proof-of- concept of the MD5 collision attacks against X509 signatures, related to CVE-2004-2761. ChangeLog: * Fri Jan 23 2009 Kai Engert - 3.12.2.0-4 - Update to NSS_3_12_2_WITH_CKBI_1_73_RTM Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update nss' at the command line. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-2761 BugTraq ID: 33065 http://www.securityfocus.com/bid/33065 Bugtraq: 20081230 MD5 Considered Harmful Today: Creating a rogue CA certificate (Google Search) http://www.securityfocus.com/archive/1/499685/100/0/threaded CERT/CC vulnerability note: VU#836068 http://www.kb.cert.org/vuls/id/836068 Cisco Security Advisory: 20090115 MD5 Hashes May Allow for Certificate Spoofing http://www.cisco.com/en/US/products/products_security_response09186a0080a5d24a.html https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00096.html http://blog.mozilla.com/security/2008/12/30/md5-weaknesses-could-lead-to-certificate-forgery/ http://blogs.technet.com/swi/archive/2008/12/30/information-regarding-md5-collisions-problem.aspx http://www.doxpara.com/research/md5/md5_someday.pdf http://www.microsoft.com/technet/security/advisory/961509.mspx http://www.phreedom.org/research/rogue-ca/ http://www.win.tue.nl/hashclash/SoftIntCodeSign/ http://www.win.tue.nl/hashclash/rogue-ca/ https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 RedHat Security Advisories: RHSA-2010:0837 https://rhn.redhat.com/errata/RHSA-2010-0837.html RedHat Security Advisories: RHSA-2010:0838 https://rhn.redhat.com/errata/RHSA-2010-0838.html http://securitytracker.com/id?1024697 http://secunia.com/advisories/33826 http://secunia.com/advisories/34281 http://secunia.com/advisories/42181 http://securityreason.com/securityalert/4866 http://www.ubuntu.com/usn/usn-740-1 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |