Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.64513
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:1190
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2009:1190.

Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
operating system facilities. These facilities include threads, thread
synchronization, normal file and network I/O, interval timing, calendar
time, basic memory management (malloc and free), and shared library linking.

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Applications built with NSS can support SSLv2, SSLv3, TLS,
and other security standards.

These updated packages upgrade NSS from the previous version, 3.12.2, to a
prerelease of version 3.12.4. The version of NSPR has also been upgraded
from 4.7.3 to 4.7.4.

For details on the issues address in this update, please visit the
referenced security advisories.

All users of nspr and nss are advised to upgrade to these updated packages,
which resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-1190.html
http://www.redhat.com/security/updates/classification/#critical

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-2404
BugTraq ID: 35891
http://www.securityfocus.com/bid/35891
Cert/CC Advisory: TA10-103B
http://www.us-cert.gov/cas/techalerts/TA10-103B.html
Debian Security Information: DSA-1874 (Google Search)
http://www.debian.org/security/2009/dsa-1874
http://www.mandriva.com/security/advisories?name=MDVSA-2009:197
http://www.mandriva.com/security/advisories?name=MDVSA-2009:216
http://www.blackhat.com/presentations/bh-usa-09/MARLINSPIKE/BHUSA09-Marlinspike-DefeatSSL-SLIDES.pdf
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11174
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8658
RedHat Security Advisories: RHSA-2009:1185
http://rhn.redhat.com/errata/RHSA-2009-1185.html
http://www.redhat.com/support/errata/RHSA-2009-1207.html
http://secunia.com/advisories/36088
http://secunia.com/advisories/36102
http://secunia.com/advisories/36125
http://secunia.com/advisories/36139
http://secunia.com/advisories/36157
http://secunia.com/advisories/36434
http://secunia.com/advisories/37098
http://secunia.com/advisories/39428
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1
SuSE Security Announcement: SUSE-SA:2009:048 (Google Search)
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://www.ubuntu.com/usn/usn-810-1
https://usn.ubuntu.com/810-2/
http://www.vupen.com/english/advisories/2009/2085
Common Vulnerability Exposure (CVE) ID: CVE-2009-2408
http://www.mandriva.com/security/advisories?name=MDVSA-2009:217
http://isc.sans.org/diary.html?storyid=7003
http://www.wired.com/threatlevel/2009/07/kaminsky/
http://marc.info/?l=oss-security&m=125198917018936&w=2
http://osvdb.org/56723
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458
http://www.redhat.com/support/errata/RHSA-2009-1432.html
http://www.securitytracker.com/id?1022632
http://secunia.com/advisories/36669
SuSE Security Announcement: SUSE-SR:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://www.vupen.com/english/advisories/2009/3184
Common Vulnerability Exposure (CVE) ID: CVE-2009-2409
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
Bugtraq: 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console (Google Search)
http://www.securityfocus.com/archive/1/515055/100/0/threaded
Debian Security Information: DSA-1888 (Google Search)
https://www.debian.org/security/2009/dsa-1888
http://security.gentoo.org/glsa/glsa-200911-02.xml
http://security.gentoo.org/glsa/glsa-200912-01.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:258
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10763
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6631
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8594
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.securitytracker.com/id?1022631
http://secunia.com/advisories/36739
http://secunia.com/advisories/37386
http://secunia.com/advisories/42467
http://www.vupen.com/english/advisories/2010/3126
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.