This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mozilla First view 2004-12-31
Product Network Security Services Last view 2020-10-22
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:* 29
cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:* 28
cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:* 27
cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:* 27
cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:* 26
cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:* 26
cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:* 25
cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:* 24
cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:* 24

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2020-10-22 CVE-2019-17007

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.

6.5 2020-10-22 CVE-2018-18508

In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.

7.5 2020-10-20 CVE-2020-25648

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.

5.9 2019-05-02 CVE-2018-12404

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.

5.9 2019-04-29 CVE-2018-12384

When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.

5.9 2018-08-01 CVE-2016-8635

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

5.9 2018-07-19 CVE-2016-9574

nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.

5.3 2018-06-11 CVE-2017-5462

A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

7.8 2017-12-27 CVE-2017-11698

Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.8 2017-12-27 CVE-2017-11697

The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.

7.8 2017-12-27 CVE-2017-11696

Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.8 2017-12-27 CVE-2017-11695

Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

7.5 2017-05-30 CVE-2017-7502

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

9.8 2017-05-10 CVE-2017-5461

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

8.8 2016-06-13 CVE-2016-2834

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

8.8 2016-03-13 CVE-2016-1979

Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.

7.3 2016-03-13 CVE-2016-1978

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.

8.8 2016-03-13 CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

5.9 2016-01-08 CVE-2015-7575

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

7.5 2015-11-05 CVE-2015-7183

Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

9.8 2015-11-05 CVE-2015-7182

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.

7.5 2015-11-05 CVE-2015-7181

The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.

3.7 2015-05-20 CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

7.5 2014-12-15 CVE-2014-1569

The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.

10 2014-07-23 CVE-2014-1544

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.

CWE : Common Weakness Enumeration

%idName
35% (12) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (3) CWE-310 Cryptographic Issues
8% (3) CWE-189 Numeric Errors
8% (3) CWE-20 Improper Input Validation
5% (2) CWE-476 NULL Pointer Dereference
2% (1) CWE-787 Out-of-bounds Write
2% (1) CWE-770 Allocation of Resources Without Limits or Throttling
2% (1) CWE-682 Incorrect Calculation
2% (1) CWE-384 Session Fixation
2% (1) CWE-362 Race Condition
2% (1) CWE-335 PRNG Seed Error
2% (1) CWE-326 Inadequate Encryption Strength
2% (1) CWE-320 Key Management Errors
2% (1) CWE-295 Certificate Issues
2% (1) CWE-264 Permissions, Privileges, and Access Controls
2% (1) CWE-19 Data Handling

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7 Blind SQL Injection
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-22 Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-28 Fuzzing
CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-42 MIME Conversion
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-63 Simple Script Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66 SQL Injection
CAPEC-67 String Format Overflow in syslog()
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:11007 Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozi...
oval:org.mitre.oval:def:10478 Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozi...
oval:org.mitre.oval:def:10502 Integer underflow in the SSLv2 support in Mozilla Network Security Services (...
oval:org.mitre.oval:def:10174 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security ...
oval:org.mitre.oval:def:8658 VMware Network Security Services (NSS) heap-based buffer overflow vulnerability
oval:org.mitre.oval:def:11174 Heap-based buffer overflow in a regular-expression parser in Mozilla Network ...
oval:org.mitre.oval:def:21561 RHSA-2012:1090: nss and nspr security, bug fix, and enhancement update (Moder...
oval:org.mitre.oval:def:21249 RHSA-2012:1091: nss, nspr, and nss-util security, bug fix, and enhancement up...
oval:org.mitre.oval:def:20669 VMware security updates for vSphere API and ESX Service Console
oval:org.mitre.oval:def:19603 DSA-2490-1 nss - denial of service
oval:org.mitre.oval:def:17984 USN-1540-2 -- nss vulnerability
oval:org.mitre.oval:def:17479 USN-1540-1 -- nss vulnerability
oval:org.mitre.oval:def:16701 The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Service...
oval:org.mitre.oval:def:23800 ELSA-2012:1091: nss, nspr, and nss-util security, bug fix, and enhancement up...
oval:org.mitre.oval:def:23351 ELSA-2012:1090: nss and nspr security, bug fix, and enhancement update (Moder...
oval:org.mitre.oval:def:27686 DEPRECATED: ELSA-2012-1091 -- nss, nspr, and nss-util security, bug fix, and ...
oval:org.mitre.oval:def:26986 DEPRECATED: ELSA-2012-1090 -- nss and nspr security, bug fix, and enhancement...
oval:org.mitre.oval:def:21177 RHSA-2013:1144: nss, nss-util, nss-softokn, and nspr security update (Moderate)
oval:org.mitre.oval:def:21084 RHSA-2013:1135: nss and nspr security, bug fix, and enhancement update (Moder...
oval:org.mitre.oval:def:18127 USN-1763-1 -- nss vulnerability
oval:org.mitre.oval:def:24119 ELSA-2013:1144: nss, nss-util, nss-softokn, and nspr security update (Moderate)
oval:org.mitre.oval:def:22788 ELSA-2013:1135: nss and nspr security, bug fix, and enhancement update (Moder...
oval:org.mitre.oval:def:27513 DEPRECATED: ELSA-2013-1135 -- nss and nspr security, bug fix, and enhancement...
oval:org.mitre.oval:def:27269 DEPRECATED: ELSA-2013-1144 -- nss, nss-util, nss-softokn, and nspr security u...
oval:org.mitre.oval:def:17150 The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS...

Open Source Vulnerability Database (OSVDB)

id Description
64070 Sun Java System Directory Server X.509 Certificate Common Name (CN) Field Han...
56724 Mozilla Multiple Products Regex Parser X.509 Certificate Common Name (CN) Fie...
32106 Mozilla Network Security Services SSLv2 Server Remote Overflow
32105 Mozilla Multiple Products NSS SSLv2 Client Overflow
29013 Mozilla Multiple Products NSS Library RSA Exponent 3 Signature Forgery
9116 Netscape Network Security Services (NSS) Library SSLv2 Challenge Overflow

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-13 Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,)
File : nvt/gb_suse_2012_0760_1.nasl
2012-11-16 Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console
File : nvt/gb_VMSA-2012-0016.nasl
2012-08-24 Name : Ubuntu Update for nss USN-1540-2
File : nvt/gb_ubuntu_USN_1540_2.nasl
2012-08-17 Name : Ubuntu Update for nss USN-1540-1
File : nvt/gb_ubuntu_USN_1540_1.nasl
2012-08-10 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox68.nasl
2012-08-10 Name : Debian Security Advisory DSA 2490-1 (nss)
File : nvt/deb_2490_1.nasl
2012-08-03 Name : Mandriva Update for mozilla MDVSA-2012:088 (mozilla)
File : nvt/gb_mandriva_MDVSA_2012_088.nasl
2012-07-30 Name : CentOS Update for nspr CESA-2012:1091 centos6
File : nvt/gb_CESA-2012_1091_nspr_centos6.nasl
2012-07-30 Name : CentOS Update for nspr CESA-2012:1090 centos5
File : nvt/gb_CESA-2012_1090_nspr_centos5.nasl
2012-07-19 Name : RedHat Update for nss, nspr, and nss-util RHSA-2012:1091-01
File : nvt/gb_RHSA-2012_1091-01_nss_nspr_and_nss-util.nasl
2012-07-19 Name : RedHat Update for nss and nspr RHSA-2012:1090-01
File : nvt/gb_RHSA-2012_1090-01_nss_and_nspr.nasl
2012-06-28 Name : Ubuntu Update for thunderbird USN-1463-6
File : nvt/gb_ubuntu_USN_1463_6.nasl
2012-06-25 Name : Mandriva Update for mozilla MDVSA-2012:088-1 (mozilla)
File : nvt/gb_mandriva_MDVSA_2012_088_1.nasl
2012-06-25 Name : Ubuntu Update for thunderbird USN-1463-4
File : nvt/gb_ubuntu_USN_1463_4.nasl
2012-06-22 Name : Ubuntu Update for firefox USN-1463-3
File : nvt/gb_ubuntu_USN_1463_3.nasl
2012-06-19 Name : Mozilla Products Multiple Vulnerabilities - June12 (Windows)
File : nvt/gb_mozilla_prdts_mult_vuln_jun12_win.nasl
2012-06-19 Name : Mozilla Products Multiple Vulnerabilities - June12 (Mac OS X)
File : nvt/gb_mozilla_prdts_mult_vuln_jun12_macosx.nasl
2012-06-08 Name : Ubuntu Update for firefox USN-1463-1
File : nvt/gb_ubuntu_USN_1463_1.nasl
2011-08-09 Name : CentOS Update for seamonkey CESA-2009:1185 centos3 i386
File : nvt/gb_CESA-2009_1185_seamonkey_centos3_i386.nasl
2010-04-06 Name : Debian Security Advisory DSA 2025-1 (icedove)
File : nvt/deb_2025_1.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:197-3 (nss)
File : nvt/mdksa_2009_197_3.nasl
2009-10-27 Name : SLES9: Security update for epiphany
File : nvt/sles9p5060741.nasl
2009-10-27 Name : SuSE Security Advisory SUSE-SA:2009:048 (MozillaFirefox)
File : nvt/suse_sa_2009_048.nasl
2009-10-27 Name : SLES10: Security update for Mozilla NSS
File : nvt/sles10_mozilla-nspr.nasl
2009-10-11 Name : SLES11: Security update for Mozilla Firefox
File : nvt/sles11_libfreebl3.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2014-A-0113 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0053309
2014-A-0055 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0049585
2014-A-0021 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0043921
2014-A-0009 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0043395
2013-A-0220 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042380
2012-A-0189 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0035032

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45539 - Type : SERVER-OTHER - Revision : 1
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45538 - Type : SERVER-OTHER - Revision : 1
2018-02-27 Mozilla Network Security Services heap underflow exploit attempt
RuleID : 45537 - Type : SERVER-OTHER - Revision : 1
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33806 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33805 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33804 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33803 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33802 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33801 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33800 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33799 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33798 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33797 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33796 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33795 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL export grade ciphersuite server negotiation attempt
RuleID : 33794 - Type : SERVER-OTHER - Revision : 6
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33793 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33792 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33791 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33790 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33789 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33788 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33787 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade ciphersuite attempt
RuleID : 33786 - Type : SERVER-OTHER - Revision : 5
2015-04-14 SSL request for export grade cipher suite attempt
RuleID : 33785 - Type : SERVER-OTHER - Revision : 6

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-1a7a5c54c2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2575edf8d3.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a78b2ef820.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-c72d2d89ec.nasl - Type: ACT_GATHER_INFO
2018-12-04 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-337-01.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2018-2898.nasl - Type: ACT_GATHER_INFO
2018-11-07 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1366.nasl - Type: ACT_GATHER_INFO
2018-11-06 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1358.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1095.nasl - Type: ACT_GATHER_INFO
2018-10-25 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1095.nasl - Type: ACT_GATHER_INFO
2018-10-10 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2898.nasl - Type: ACT_GATHER_INFO
2018-10-01 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2768.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-4a21a8ca59.nasl - Type: ACT_GATHER_INFO
2018-02-20 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201802-03.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201801-15.nasl - Type: ACT_GATHER_INFO
2017-10-24 Name: The remote AIX host has a version of bind installed that is affected by multi...
File: aix_bind_nettcp_advisory2.nasl - Type: ACT_GATHER_INFO
2017-08-23 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2235-1.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1100.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1364.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1365.nasl - Type: ACT_GATHER_INFO
2017-06-27 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1669-1.nasl - Type: ACT_GATHER_INFO
2017-06-23 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-848.nasl - Type: ACT_GATHER_INFO
2017-06-22 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-3336-1.nasl - Type: ACT_GATHER_INFO
2017-06-21 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201706-18.nasl - Type: ACT_GATHER_INFO