English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.882730
Category:CentOS Local Security Checks
Title:CentOS Update for nss CESA-2017:1365 centos7
Summary:Check the version of nss
Description:Summary:
Check the version of nss

Vulnerability Insight:
Network Security Services (NSS) is a set of
libraries designed to support the cross-platform development of security-enabled
client and server applications. Security Fix(es): * A null pointer dereference
flaw was found in the way NSS handled empty SSLv2 messages. An attacker could
use this flaw to crash a server application compiled against the NSS library.
(CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and
Certificate Authority (CA) list have been updated to meet the recommendations as
published with the latest Mozilla Firefox Extended Support Release (ESR). The
updated CA list improves compatibility with the certificates that are used in
the Internet Public Key Infrastructure (PKI). To avoid certificate validation
refusals, Red Hat recommends installing the updated CA list on June 12, 2017.
(BZ#1451421)

Affected Software/OS:
nss on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-7502
1038579
http://www.securitytracker.com/id/1038579
98744
http://www.securityfocus.com/bid/98744
DSA-3872
http://www.debian.org/security/2017/dsa-3872
RHSA-2017:1364
https://access.redhat.com/errata/RHSA-2017:1364
RHSA-2017:1365
https://access.redhat.com/errata/RHSA-2017:1365
RHSA-2017:1567
https://access.redhat.com/errata/RHSA-2017:1567
RHSA-2017:1712
https://access.redhat.com/errata/RHSA-2017:1712
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
https://hg.mozilla.org/projects/nss/rev/55ea60effd0d
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.