CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
89.8%
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17 .3_release_notes
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2014-16530.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(80402);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2014-1569");
script_bugtraq_id(71675);
script_xref(name:"FEDORA", value:"2014-16530");
script_name(english:"Fedora 20 : nss-3.17.3-2.fc20 / nss-softokn-3.17.3-1.fc20 / nss-util-3.17.3-1.fc20 (2014-16530)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Update the nss, nss-softokn, and nss-util packages to nss-3.17.3
For more details on the bugs fixed with this release, please see the
upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17
.3_release_notes
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1155306"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1171012"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1174493"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=987189"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=994599"
);
# https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?6d78ddde"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147757.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?aea5521e"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147758.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?152f136f"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147759.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?994398df"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected nss, nss-softokn and / or nss-util packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss-softokn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:nss-util");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
script_set_attribute(attribute:"patch_publication_date", value:"2014/12/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/08");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC20", reference:"nss-3.17.3-2.fc20")) flag++;
if (rpm_check(release:"FC20", reference:"nss-softokn-3.17.3-1.fc20")) flag++;
if (rpm_check(release:"FC20", reference:"nss-util-3.17.3-1.fc20")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nss / nss-softokn / nss-util");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569
www.nessus.org/u?152f136f
www.nessus.org/u?6d78ddde
www.nessus.org/u?994398df
www.nessus.org/u?aea5521e
bugzilla.redhat.com/show_bug.cgi?id=1155306
bugzilla.redhat.com/show_bug.cgi?id=1171012
bugzilla.redhat.com/show_bug.cgi?id=1174493
bugzilla.redhat.com/show_bug.cgi?id=987189
bugzilla.redhat.com/show_bug.cgi?id=994599