Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.703688
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 3688-1 (nss - security update)
Summary:Several vulnerabilities were discovered;in NSS, the cryptography library developed by the Mozilla project.;;CVE-2015-4000;David Adrian et al. reported that it may be feasible to attack;Diffie-Hellman-based cipher suites in certain circumstances,;compromising the confidentiality and integrity of data encrypted;with Transport Layer Security (TLS).;;CVE-2015-7181 CVE-2015-7182 CVE-2016-1950;Tyson Smith, David Keeler, and Francis Gabriel discovered;heap-based buffer overflows in the ASN.1 DER parser, potentially;leading to arbitrary code execution.;;CVE-2015-7575;Karthikeyan Bhargavan discovered that TLS client implementation;accepted MD5-based signatures for TLS 1.2 connections with forward;secrecy, weakening the intended security strength of TLS;connections.;;CVE-2016-1938;Hanno Boeck discovered that NSS miscomputed the result of integer;division for certain inputs. This could weaken the cryptographic;protections provided by NSS. However, NSS implements RSA-CRT leak;hardening, so RSA private keys are not directly disclosed by this;issue.;;CVE-2016-1978;Eric Rescorla discovered a use-after-free vulnerability in the;implementation of ECDH-based TLS handshakes, with unknown;consequences.;;CVE-2016-1979;Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER;processing, with application-specific impact.;;CVE-2016-2834;Tyson Smith and Jed Davis discovered unspecified memory-safety;bugs in NSS.;;In addition, the NSS library did not ignore environment variables in;processes which underwent a SUID/SGID/AT_SECURE transition at process;start. In certain system configurations, this allowed local users to;escalate their privileges.;;This update contains further correctness and stability fixes without;immediate security impact.
Description:Summary:
Several vulnerabilities were discovered
in NSS, the cryptography library developed by the Mozilla project.

CVE-2015-4000
David Adrian et al. reported that it may be feasible to attack
Diffie-Hellman-based cipher suites in certain circumstances,
compromising the confidentiality and integrity of data encrypted
with Transport Layer Security (TLS).

CVE-2015-7181 CVE-2015-7182 CVE-2016-1950
Tyson Smith, David Keeler, and Francis Gabriel discovered
heap-based buffer overflows in the ASN.1 DER parser, potentially
leading to arbitrary code execution.

CVE-2015-7575
Karthikeyan Bhargavan discovered that TLS client implementation
accepted MD5-based signatures for TLS 1.2 connections with forward
secrecy, weakening the intended security strength of TLS
connections.

CVE-2016-1938
Hanno Boeck discovered that NSS miscomputed the result of integer
division for certain inputs. This could weaken the cryptographic
protections provided by NSS. However, NSS implements RSA-CRT leak
hardening, so RSA private keys are not directly disclosed by this
issue.

CVE-2016-1978
Eric Rescorla discovered a use-after-free vulnerability in the
implementation of ECDH-based TLS handshakes, with unknown
consequences.

CVE-2016-1979
Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER
processing, with application-specific impact.

CVE-2016-2834
Tyson Smith and Jed Davis discovered unspecified memory-safety
bugs in NSS.

In addition, the NSS library did not ignore environment variables in
processes which underwent a SUID/SGID/AT_SECURE transition at process
start. In certain system configurations, this allowed local users to
escalate their privileges.

This update contains further correctness and stability fixes without
immediate security impact.

Affected Software/OS:
nss on Debian Linux

Solution:
For the stable distribution (jessie),
these problems have been fixed in version 2:3.26-1+debu8u1.

For the unstable distribution (sid), these problems have been fixed in
version 2:3.23-1.

We recommend that you upgrade your nss packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-4000
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
BugTraq ID: 74733
http://www.securityfocus.com/bid/74733
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204942
http://support.citrix.com/article/CTX201114
http://www-01.ibm.com/support/docview.wss?uid=swg21959111
http://www-01.ibm.com/support/docview.wss?uid=swg21959195
http://www-01.ibm.com/support/docview.wss?uid=swg21959325
http://www-01.ibm.com/support/docview.wss?uid=swg21959453
http://www-01.ibm.com/support/docview.wss?uid=swg21959481
http://www-01.ibm.com/support/docview.wss?uid=swg21959517
http://www-01.ibm.com/support/docview.wss?uid=swg21959530
http://www-01.ibm.com/support/docview.wss?uid=swg21959539
http://www-01.ibm.com/support/docview.wss?uid=swg21959636
http://www-01.ibm.com/support/docview.wss?uid=swg21959812
http://www-01.ibm.com/support/docview.wss?uid=swg21960191
http://www-01.ibm.com/support/docview.wss?uid=swg21961717
http://www-01.ibm.com/support/docview.wss?uid=swg21962455
http://www-01.ibm.com/support/docview.wss?uid=swg21962739
http://www-304.ibm.com/support/docview.wss?uid=swg21958984
http://www-304.ibm.com/support/docview.wss?uid=swg21959132
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
http://www-304.ibm.com/support/docview.wss?uid=swg21960194
http://www-304.ibm.com/support/docview.wss?uid=swg21960380
http://www-304.ibm.com/support/docview.wss?uid=swg21960418
http://www-304.ibm.com/support/docview.wss?uid=swg21962816
http://www-304.ibm.com/support/docview.wss?uid=swg21967893
http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
https://bto.bluecoat.com/security-advisory/sa98
https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
https://openssl.org/news/secadv/20150611.txt
https://puppet.com/security/cve/CVE-2015-4000
https://security.netapp.com/advisory/ntap-20150619-0001/
https://support.citrix.com/article/CTX216642
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
https://www-304.ibm.com/support/docview.wss?uid=swg21959745
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
https://www.openssl.org/news/secadv_20150611.txt
https://www.suse.com/security/cve/CVE-2015-4000.html
Debian Security Information: DSA-3287 (Google Search)
http://www.debian.org/security/2015/dsa-3287
Debian Security Information: DSA-3300 (Google Search)
http://www.debian.org/security/2015/dsa-3300
Debian Security Information: DSA-3316 (Google Search)
http://www.debian.org/security/2015/dsa-3316
Debian Security Information: DSA-3324 (Google Search)
http://www.debian.org/security/2015/dsa-3324
Debian Security Information: DSA-3339 (Google Search)
http://www.debian.org/security/2015/dsa-3339
Debian Security Information: DSA-3688 (Google Search)
http://www.debian.org/security/2016/dsa-3688
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html
https://security.gentoo.org/glsa/201506-02
https://security.gentoo.org/glsa/201512-10
https://security.gentoo.org/glsa/201603-11
https://security.gentoo.org/glsa/201701-46
HPdes Security Advisory: HPSBGN03351
http://marc.info/?l=bugtraq&m=143557934009303&w=2
HPdes Security Advisory: HPSBGN03361
http://marc.info/?l=bugtraq&m=143628304012255&w=2
HPdes Security Advisory: HPSBGN03362
http://marc.info/?l=bugtraq&m=143558092609708&w=2
HPdes Security Advisory: HPSBGN03373
http://marc.info/?l=bugtraq&m=143655800220052&w=2
HPdes Security Advisory: HPSBGN03399
http://marc.info/?l=bugtraq&m=144060576831314&w=2
HPdes Security Advisory: HPSBGN03402
http://marc.info/?l=bugtraq&m=144069189622016&w=2
HPdes Security Advisory: HPSBGN03404
http://marc.info/?l=bugtraq&m=144050121701297&w=2
HPdes Security Advisory: HPSBGN03405
http://marc.info/?l=bugtraq&m=144060606031437&w=2
HPdes Security Advisory: HPSBGN03407
http://marc.info/?l=bugtraq&m=144102017024820&w=2
HPdes Security Advisory: HPSBGN03411
http://marc.info/?l=bugtraq&m=144061542602287&w=2
HPdes Security Advisory: HPSBGN03533
http://marc.info/?l=bugtraq&m=145409266329539&w=2
HPdes Security Advisory: HPSBMU03345
http://marc.info/?l=bugtraq&m=144043644216842&w=2
HPdes Security Advisory: HPSBMU03356
http://marc.info/?l=bugtraq&m=143506486712441&w=2
HPdes Security Advisory: HPSBMU03401
http://marc.info/?l=bugtraq&m=144104533800819&w=2
HPdes Security Advisory: HPSBUX03363
http://marc.info/?l=bugtraq&m=143637549705650&w=2
HPdes Security Advisory: HPSBUX03388
http://marc.info/?l=bugtraq&m=143880121627664&w=2
HPdes Security Advisory: HPSBUX03512
http://marc.info/?l=bugtraq&m=144493176821532&w=2
HPdes Security Advisory: SSRT102112
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196
HPdes Security Advisory: SSRT102180
HPdes Security Advisory: SSRT102254
https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
https://weakdh.org/
https://weakdh.org/imperfect-forward-secrecy.pdf
https://www.oracle.com/security-alerts/cpujan2021.html
http://openwall.com/lists/oss-security/2015/05/20/8
NETBSD Security Advisory: NetBSD-SA2015-008
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
RedHat Security Advisories: RHSA-2015:1072
http://rhn.redhat.com/errata/RHSA-2015-1072.html
RedHat Security Advisories: RHSA-2015:1185
http://rhn.redhat.com/errata/RHSA-2015-1185.html
RedHat Security Advisories: RHSA-2015:1197
http://rhn.redhat.com/errata/RHSA-2015-1197.html
RedHat Security Advisories: RHSA-2015:1228
http://rhn.redhat.com/errata/RHSA-2015-1228.html
RedHat Security Advisories: RHSA-2015:1229
http://rhn.redhat.com/errata/RHSA-2015-1229.html
RedHat Security Advisories: RHSA-2015:1230
http://rhn.redhat.com/errata/RHSA-2015-1230.html
RedHat Security Advisories: RHSA-2015:1241
http://rhn.redhat.com/errata/RHSA-2015-1241.html
RedHat Security Advisories: RHSA-2015:1242
http://rhn.redhat.com/errata/RHSA-2015-1242.html
RedHat Security Advisories: RHSA-2015:1243
http://rhn.redhat.com/errata/RHSA-2015-1243.html
RedHat Security Advisories: RHSA-2015:1485
http://rhn.redhat.com/errata/RHSA-2015-1485.html
RedHat Security Advisories: RHSA-2015:1486
http://rhn.redhat.com/errata/RHSA-2015-1486.html
RedHat Security Advisories: RHSA-2015:1488
http://rhn.redhat.com/errata/RHSA-2015-1488.html
RedHat Security Advisories: RHSA-2015:1526
http://rhn.redhat.com/errata/RHSA-2015-1526.html
RedHat Security Advisories: RHSA-2015:1544
http://rhn.redhat.com/errata/RHSA-2015-1544.html
RedHat Security Advisories: RHSA-2015:1604
http://rhn.redhat.com/errata/RHSA-2015-1604.html
RedHat Security Advisories: RHSA-2016:1624
http://rhn.redhat.com/errata/RHSA-2016-1624.html
RedHat Security Advisories: RHSA-2016:2056
http://rhn.redhat.com/errata/RHSA-2016-2056.html
http://www.securitytracker.com/id/1032474
http://www.securitytracker.com/id/1032475
http://www.securitytracker.com/id/1032476
http://www.securitytracker.com/id/1032637
http://www.securitytracker.com/id/1032645
http://www.securitytracker.com/id/1032647
http://www.securitytracker.com/id/1032648
http://www.securitytracker.com/id/1032649
http://www.securitytracker.com/id/1032650
http://www.securitytracker.com/id/1032651
http://www.securitytracker.com/id/1032652
http://www.securitytracker.com/id/1032653
http://www.securitytracker.com/id/1032654
http://www.securitytracker.com/id/1032655
http://www.securitytracker.com/id/1032656
http://www.securitytracker.com/id/1032688
http://www.securitytracker.com/id/1032699
http://www.securitytracker.com/id/1032702
http://www.securitytracker.com/id/1032727
http://www.securitytracker.com/id/1032759
http://www.securitytracker.com/id/1032777
http://www.securitytracker.com/id/1032778
http://www.securitytracker.com/id/1032783
http://www.securitytracker.com/id/1032784
http://www.securitytracker.com/id/1032856
http://www.securitytracker.com/id/1032864
http://www.securitytracker.com/id/1032865
http://www.securitytracker.com/id/1032871
http://www.securitytracker.com/id/1032884
http://www.securitytracker.com/id/1032910
http://www.securitytracker.com/id/1032932
http://www.securitytracker.com/id/1032960
http://www.securitytracker.com/id/1033019
http://www.securitytracker.com/id/1033064
http://www.securitytracker.com/id/1033065
http://www.securitytracker.com/id/1033067
http://www.securitytracker.com/id/1033208
http://www.securitytracker.com/id/1033209
http://www.securitytracker.com/id/1033210
http://www.securitytracker.com/id/1033222
http://www.securitytracker.com/id/1033341
http://www.securitytracker.com/id/1033385
http://www.securitytracker.com/id/1033416
http://www.securitytracker.com/id/1033430
http://www.securitytracker.com/id/1033433
http://www.securitytracker.com/id/1033513
http://www.securitytracker.com/id/1033760
http://www.securitytracker.com/id/1033891
http://www.securitytracker.com/id/1033991
http://www.securitytracker.com/id/1034087
http://www.securitytracker.com/id/1034728
http://www.securitytracker.com/id/1034884
http://www.securitytracker.com/id/1036218
http://www.securitytracker.com/id/1040630
SuSE Security Announcement: SUSE-SU-2015:1143 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
SuSE Security Announcement: SUSE-SU-2015:1150 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
SuSE Security Announcement: SUSE-SU-2015:1177 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:1181 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
SuSE Security Announcement: SUSE-SU-2015:1182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
SuSE Security Announcement: SUSE-SU-2015:1183 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
SuSE Security Announcement: SUSE-SU-2015:1184 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
SuSE Security Announcement: SUSE-SU-2015:1185 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
SuSE Security Announcement: SUSE-SU-2015:1268 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
SuSE Security Announcement: SUSE-SU-2015:1269 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
SuSE Security Announcement: SUSE-SU-2015:1319 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
SuSE Security Announcement: SUSE-SU-2015:1320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
SuSE Security Announcement: SUSE-SU-2015:1449 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
SuSE Security Announcement: SUSE-SU-2015:1581 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
SuSE Security Announcement: SUSE-SU-2015:1663 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
SuSE Security Announcement: SUSE-SU-2016:0224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0262 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
SuSE Security Announcement: openSUSE-SU-2015:1139 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
SuSE Security Announcement: openSUSE-SU-2015:1209 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html
SuSE Security Announcement: openSUSE-SU-2015:1229 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
SuSE Security Announcement: openSUSE-SU-2015:1277 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
SuSE Security Announcement: openSUSE-SU-2015:1288 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
SuSE Security Announcement: openSUSE-SU-2015:1289 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html
SuSE Security Announcement: openSUSE-SU-2016:0226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
SuSE Security Announcement: openSUSE-SU-2016:0255 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
SuSE Security Announcement: openSUSE-SU-2016:0261 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
SuSE Security Announcement: openSUSE-SU-2016:0478 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html
SuSE Security Announcement: openSUSE-SU-2016:0483 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html
http://www.ubuntu.com/usn/USN-2656-1
http://www.ubuntu.com/usn/USN-2656-2
http://www.ubuntu.com/usn/USN-2673-1
http://www.ubuntu.com/usn/USN-2696-1
http://www.ubuntu.com/usn/USN-2706-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7181
BugTraq ID: 77416
http://www.securityfocus.com/bid/77416
Debian Security Information: DSA-3393 (Google Search)
http://www.debian.org/security/2015/dsa-3393
Debian Security Information: DSA-3410 (Google Search)
http://www.debian.org/security/2015/dsa-3410
https://security.gentoo.org/glsa/201605-06
http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html
RedHat Security Advisories: RHSA-2015:1980
http://rhn.redhat.com/errata/RHSA-2015-1980.html
RedHat Security Advisories: RHSA-2015:1981
http://rhn.redhat.com/errata/RHSA-2015-1981.html
http://www.securitytracker.com/id/1034069
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753
SuSE Security Announcement: SUSE-SU-2015:1926 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html
SuSE Security Announcement: SUSE-SU-2015:1978 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html
SuSE Security Announcement: SUSE-SU-2015:1981 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html
SuSE Security Announcement: SUSE-SU-2015:2081 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
SuSE Security Announcement: openSUSE-SU-2015:1942 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:2229 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
SuSE Security Announcement: openSUSE-SU-2015:2245 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
http://www.ubuntu.com/usn/USN-2785-1
http://www.ubuntu.com/usn/USN-2791-1
http://www.ubuntu.com/usn/USN-2819-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7182
Common Vulnerability Exposure (CVE) ID: CVE-2015-7575
BugTraq ID: 79684
http://www.securityfocus.com/bid/79684
Debian Security Information: DSA-3436 (Google Search)
http://www.debian.org/security/2016/dsa-3436
Debian Security Information: DSA-3437 (Google Search)
http://www.debian.org/security/2016/dsa-3437
Debian Security Information: DSA-3457 (Google Search)
http://www.debian.org/security/2016/dsa-3457
Debian Security Information: DSA-3458 (Google Search)
http://www.debian.org/security/2016/dsa-3458
Debian Security Information: DSA-3465 (Google Search)
http://www.debian.org/security/2016/dsa-3465
Debian Security Information: DSA-3491 (Google Search)
http://www.debian.org/security/2016/dsa-3491
https://security.gentoo.org/glsa/201706-18
https://security.gentoo.org/glsa/201801-15
RedHat Security Advisories: RHSA-2016:0049
http://rhn.redhat.com/errata/RHSA-2016-0049.html
RedHat Security Advisories: RHSA-2016:0050
http://rhn.redhat.com/errata/RHSA-2016-0050.html
RedHat Security Advisories: RHSA-2016:0053
http://rhn.redhat.com/errata/RHSA-2016-0053.html
RedHat Security Advisories: RHSA-2016:0054
http://rhn.redhat.com/errata/RHSA-2016-0054.html
RedHat Security Advisories: RHSA-2016:0055
http://rhn.redhat.com/errata/RHSA-2016-0055.html
RedHat Security Advisories: RHSA-2016:0056
http://rhn.redhat.com/errata/RHSA-2016-0056.html
RedHat Security Advisories: RHSA-2016:1430
https://access.redhat.com/errata/RHSA-2016:1430
http://www.securitytracker.com/id/1034541
http://www.securitytracker.com/id/1036467
SuSE Security Announcement: SUSE-SU-2016:0256 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
SuSE Security Announcement: SUSE-SU-2016:0265 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
SuSE Security Announcement: SUSE-SU-2016:0269 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
SuSE Security Announcement: openSUSE-SU-2015:2405 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
SuSE Security Announcement: openSUSE-SU-2016:0007 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
SuSE Security Announcement: openSUSE-SU-2016:0161 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
SuSE Security Announcement: openSUSE-SU-2016:0162 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
SuSE Security Announcement: openSUSE-SU-2016:0263 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
SuSE Security Announcement: openSUSE-SU-2016:0268 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
SuSE Security Announcement: openSUSE-SU-2016:0272 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
SuSE Security Announcement: openSUSE-SU-2016:0279 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
SuSE Security Announcement: openSUSE-SU-2016:0307 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
SuSE Security Announcement: openSUSE-SU-2016:0308 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
SuSE Security Announcement: openSUSE-SU-2016:0488 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
SuSE Security Announcement: openSUSE-SU-2016:0605 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
http://www.ubuntu.com/usn/USN-2863-1
http://www.ubuntu.com/usn/USN-2864-1
http://www.ubuntu.com/usn/USN-2865-1
http://www.ubuntu.com/usn/USN-2866-1
http://www.ubuntu.com/usn/USN-2884-1
http://www.ubuntu.com/usn/USN-2904-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1938
BugTraq ID: 81955
http://www.securityfocus.com/bid/81955
https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
http://www.securitytracker.com/id/1034825
SuSE Security Announcement: SUSE-SU-2016:0338 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
SuSE Security Announcement: openSUSE-SU-2016:0306 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
SuSE Security Announcement: openSUSE-SU-2016:0309 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
http://www.ubuntu.com/usn/USN-2880-1
http://www.ubuntu.com/usn/USN-2880-2
http://www.ubuntu.com/usn/USN-2903-1
http://www.ubuntu.com/usn/USN-2903-2
http://www.ubuntu.com/usn/USN-2973-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1950
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 84223
http://www.securityfocus.com/bid/84223
Debian Security Information: DSA-3510 (Google Search)
http://www.debian.org/security/2016/dsa-3510
Debian Security Information: DSA-3520 (Google Search)
http://www.debian.org/security/2016/dsa-3520
RedHat Security Advisories: RHSA-2016:0495
http://rhn.redhat.com/errata/RHSA-2016-0495.html
http://www.securitytracker.com/id/1035215
SuSE Security Announcement: SUSE-SU-2016:0727 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
SuSE Security Announcement: SUSE-SU-2016:0777 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
SuSE Security Announcement: SUSE-SU-2016:0820 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
SuSE Security Announcement: SUSE-SU-2016:0909 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
SuSE Security Announcement: openSUSE-SU-2016:0731 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
SuSE Security Announcement: openSUSE-SU-2016:0733 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
SuSE Security Announcement: openSUSE-SU-2016:1557 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
http://www.ubuntu.com/usn/USN-2917-1
http://www.ubuntu.com/usn/USN-2917-2
http://www.ubuntu.com/usn/USN-2917-3
http://www.ubuntu.com/usn/USN-2924-1
http://www.ubuntu.com/usn/USN-2934-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1978
BugTraq ID: 84275
http://www.securityfocus.com/bid/84275
RedHat Security Advisories: RHSA-2016:0591
http://rhn.redhat.com/errata/RHSA-2016-0591.html
RedHat Security Advisories: RHSA-2016:0684
http://rhn.redhat.com/errata/RHSA-2016-0684.html
RedHat Security Advisories: RHSA-2016:0685
http://rhn.redhat.com/errata/RHSA-2016-0685.html
http://www.securitytracker.com/id/1035258
Common Vulnerability Exposure (CVE) ID: CVE-2016-1979
BugTraq ID: 84221
http://www.securityfocus.com/bid/84221
Debian Security Information: DSA-3576 (Google Search)
http://www.debian.org/security/2016/dsa-3576
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
Common Vulnerability Exposure (CVE) ID: CVE-2016-2834
BugTraq ID: 91072
http://www.securityfocus.com/bid/91072
RedHat Security Advisories: RHSA-2016:2779
http://rhn.redhat.com/errata/RHSA-2016-2779.html
http://www.securitytracker.com/id/1036057
SuSE Security Announcement: SUSE-SU-2016:1691 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html
SuSE Security Announcement: openSUSE-SU-2016:1552 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html
http://www.ubuntu.com/usn/USN-2993-1
http://www.ubuntu.com/usn/USN-3029-1
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.