Lucene search
UbuntuUSN-2452-1HistoryJan 07, 2015 - 12:00 a.m.
NSS vulnerability
2015-01-0700:00:00
ubuntu.com
45
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
3.7
Confidence
High
EPSS
0.023
Percentile
89.8%
Releases
- Ubuntu 14.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- nss - Network Security Service library
Details
It was discovered that NSS incorrectly handled certain ASN.1 lengths. A
remote attacker could possibly use this issue to perform a data-smuggling
attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 14.10 | noarch | libnss3 | < 2:3.17.1-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.10 | noarch | libnss3-1d | < 2:3.17.1-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.10 | noarch | libnss3-dbg | < 2:3.17.1-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.10 | noarch | libnss3-dev | < 2:3.17.1-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.10 | noarch | libnss3-tools | < 2:3.17.1-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libnss3 | < 2:3.17.1-0ubuntu0.14.04.2 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libnss3-1d | < 2:3.17.1-0ubuntu0.14.04.2 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libnss3-dbg | < 2:3.17.1-0ubuntu0.14.04.2 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libnss3-dev | < 2:3.17.1-0ubuntu0.14.04.2 | UNKNOWN |
| Ubuntu | 14.04 | noarch | libnss3-tools | < 2:3.17.1-0ubuntu0.14.04.2 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 21 Update: nss-3.17.3-2.fc21
2014-12-25 05:35:12
[SECURITY] Fedora 20 Update: nss-util-3.17.3-1.fc20
2015-01-07 23:54:35
[SECURITY] Fedora 20 Update: nss-softokn-3.17.3-1.fc20
2015-01-07 23:54:35
zdt
zdt
nessus
nessus
Oracle iPlanet Web Server 6.1.x < 6.1.21 / 7.0.x < 7.0.22 NSS Signature Handling Remote Code Injection
2015-07-23 00:00:00
Ubuntu 14.04 LTS : NSS vulnerability (USN-2452-1)
2015-01-08 00:00:00
exploitpack
exploitpack
MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
2019-02-20 00:00:00
exploitdb
exploitdb
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
2019-02-20 00:00:00
veracode
veracode
HTTP Request Smuggling
2019-01-15 09:03:35
cve
cve
CVE-2014-1569
2014-12-15 18:59:00
ubuntucve
ubuntucve
CVE-2014-1569
2014-12-15 00:00:00
debian
debian
[SECURITY] [DSA 3186-1] nss security update
2015-03-13 08:15:52
[SECURITY] [DSA 3186-1] nss security update
2015-03-13 08:15:52
[SECURITY] [DLA 154-1] nss security update
2015-02-16 15:44:22
prion
prion
Design/Logic Flaw
2014-12-15 18:59:00
osv
osv
nss - security update
2015-03-13 00:00:00
nss - security update
2015-02-16 00:00:00
nvd
nvd
CVE-2014-1569
2014-12-15 18:59:00
debiancve
debiancve
CVE-2014-1569
2014-12-15 18:59:00
openvas
openvas
Fedora Update for nss FEDORA-2014-17085
2015-01-05 00:00:00
Ubuntu: Security Advisory (USN-2452-1)
2015-01-23 00:00:00
Debian Security Advisory DSA 3186-1 (nss - security update)
2015-03-13 00:00:00
cvelist
cvelist
CVE-2014-1569
2014-12-15 17:27:00
securityvulns
securityvulns
[ MDVSA-2014:252 ] nss
2014-12-22 00:00:00
Mozilla nss information leakage
2014-12-22 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-11-02 00:00:00
archlinux
archlinux
nss: signature forgery
2014-12-16 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2015-01-19 13:04:47
Security update for Mozilla Firefox (important)
2015-01-29 07:04:56
Security update for Mozilla Firefox (important)
2015-01-31 01:09:23
mageia
mageia
Updated firefox & thunderbird packages fix security vulnerabilities
2014-12-03 22:27:32
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-12-01 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2015
2015-10-20 00:00:00
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
3.7
Confidence
High
EPSS
0.023
Percentile
89.8%
Related for USN-2452-1