Executive Summary

Informations
Name MDVSA-2014:139 First vendor Publication 2014-07-29
Vendor Mandriva Last vendor Modification 2014-07-29
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been found and corrected in mozilla NSS:

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain (CVE-2014-1544).

The updated packages have been upgraded to the latest NSS (3.16.3) versions which is not vulnerable to this issue.

The nss 3.16.1 update done as part of MDVSA-2014:125 introduced a regression because of the upstream change: 'Imposed name constraints on the French government root CA ANSSI (DCISS)' The change wont work as currently implemented as the French government root CA signs more than 'gouv.fr' domains. So for now we revert that change until its properly fixed upstream (mga#13563).

Additionally the rootcerts package has also been updated to the latest version as of 2014-07-03, which adds, removes, and distrusts several certificates.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:139

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24914
 
Oval ID: oval:org.mitre.oval:def:24914
Title: Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Description: Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
Family: windows Class: vulnerability
Reference(s): CVE-2014-1544
Version: 7
Platform(s): Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s): Mozilla Firefox
Mozilla Firefox ESR
Mozilla Thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25335
 
Oval ID: oval:org.mitre.oval:def:25335
Title: RHSA-2014:0916: nss and nspr security update (Critical)
Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters. Users of NSS and NSPR are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0916-00
CESA-2014:0916
CVE-2014-1544
Version: 3
Platform(s): Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 7
Product(s): nspr
nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26268
 
Oval ID: oval:org.mitre.oval:def:26268
Title: USN-2343-1 -- nss vulnerability
Description: NSS could be made to crash or run programs as your login if it processed a specially crafted certificate.
Family: unix Class: patch
Reference(s): USN-2343-1
CVE-2014-1544
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27274
 
Oval ID: oval:org.mitre.oval:def:27274
Title: ELSA-2014-0916 -- nss and nspr security update (critical)
Description: nspr [4.10.2-4] - Rebase to nspr-4.10.6 - Resolves: Bug 1116199 [4.10.2-3] - Retagging - Resolves: rhbz#1032466 nss [3.15.3-7] - Remove an unused patch - Related: Bug 1116199 [3.15.3-6] - Fix race-condition in certificate validation - Resolves: Bug 1116199 [3.15.3-5] - Remove two unused patches - Resolves: Bug 1042683 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117)
Family: unix Class: patch
Reference(s): ELSA-2014-0916
CVE-2014-1544
Version: 3
Platform(s): Oracle Linux 5
Product(s): nspr
nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27684
 
Oval ID: oval:org.mitre.oval:def:27684
Title: DSA-3071-1 -- nss security update
Description: In nss, a set of libraries designed to support cross-platform development of security-enabled client and server applications, Tyson Smith and Jesse Schwartzentruber discovered a use-after-free vulnerability that allows remote attackers to execute arbitrary code by triggering the improper removal of an NSSCertificate structure from a trust domain.
Family: unix Class: patch
Reference(s): DSA-3071-1
CVE-2014-1544
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): nss
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 360
Application 10
Application 51
Application 252

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-07-24 IAVM : 2014-A-0113 - Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0053309

Nessus® Vulnerability Scanner

Date Description
2016-05-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16716.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-89.nasl - Type : ACT_GATHER_INFO
2015-03-19 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-059.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_firefox_20141216.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3071.nasl - Type : ACT_GATHER_INFO
2014-11-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0915.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1165.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2014-0979.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-385.nasl - Type : ACT_GATHER_INFO
2014-09-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2343-1.nasl - Type : ACT_GATHER_INFO
2014-08-12 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-487.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-201407-140730.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_firefox-201407-140729.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2996.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-476.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote openSUSE host is missing a security update.
File : suse_13_1_openSUSE-2014--140725.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote openSUSE host is missing a security update.
File : suse_12_3_openSUSE-2014--140725.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-139.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2986.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0916.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_978b0f76122d11e4afe3bc5ff4fb5e7b.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_24_7_esr.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Mac OS X host contains a web browser that is affected by multiple ...
File : macosx_firefox_31.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Mac OS X host contains a mail client that is affected by multiple ...
File : macosx_thunderbird_24_7.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Mac OS X host contains a mail client that is affected by multiple ...
File : macosx_thunderbird_31_0.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_24_7_esr.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_31.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_24_7.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_31_0.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0916.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2296-1.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2295-1.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140722_nss_and_nspr_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140722_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0916.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-07-31 13:25:27
  • Multiple Updates
2014-07-29 17:21:16
  • First insertion