Executive Summary
Summary | |
---|---|
Title | nss and nspr security, bug fix, and enhancement update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:1135 | First vendor Publication | 2013-08-05 |
Vendor | RedHat | Last vendor Modification | 2013-08-05 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated nss and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-1620) An out-of-bounds memory read flaw was found in the way NSS decoded certain certificates. If an application using NSS decoded a malformed certificate, it could cause the application to crash. (CVE-2013-0791) Red Hat would like to thank the Mozilla project for reporting CVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter of CVE-2013-0791. This update also fixes the following bugs: * A defect in the FreeBL library implementation of the Diffie-Hellman (DH) protocol previously caused Openswan to drop connections. (BZ#958023) * A memory leak in the nssutil_ReadSecmodDB() function has been fixed. (BZ#986969) In addition, the nss package has been upgraded to upstream version 3.14.3, and the nspr package has been upgraded to upstream version 4.9.5. These updates provide a number of bug fixes and enhancements over the previous versions. (BZ#949845, BZ#924741) Note that while upstream NSS version 3.14 prevents the use of certificates that have an MD5 signature, this erratum includes a patch that allows such certificates by default. To prevent the use of certificates that have an MD5 signature, set the "NSS_HASH_ALG_SUPPORT" environment variable to "-MD5". Users of NSS and NSPR are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 908234 - CVE-2013-1620 nss: TLS CBC padding timing attack 924741 - Rebase to nspr-4.9.5 946947 - CVE-2013-0791 Mozilla: Out-of-bounds array read in CERT_DecodeCertPackage (MFSA 2013-40) 949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue 986969 - nssutil_ReadSecmodDB() leaks memory |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-1135.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-203 | Information Exposure Through Discrepancy |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17150 | |||
Oval ID: | oval:org.mitre.oval:def:17150 | ||
Title: | The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. | ||
Description: | The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0791 | Version: | 18 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18127 | |||
Oval ID: | oval:org.mitre.oval:def:18127 | ||
Title: | USN-1763-1 -- nss vulnerability | ||
Description: | NSS could be made to expose sensitive information over the network. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1763-1 CVE-2013-1620 | Version: | 7 |
Platform(s): | Ubuntu 12.10 Ubuntu 12.04 Ubuntu 11.10 Ubuntu 10.04 | Product(s): | nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21084 | |||
Oval ID: | oval:org.mitre.oval:def:21084 | ||
Title: | RHSA-2013:1135: nss and nspr security, bug fix, and enhancement update (Moderate) | ||
Description: | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1135-00 CESA-2013:1135 CVE-2013-0791 CVE-2013-1620 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21177 | |||
Oval ID: | oval:org.mitre.oval:def:21177 | ||
Title: | RHSA-2013:1144: nss, nss-util, nss-softokn, and nspr security update (Moderate) | ||
Description: | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:1144-00 CESA-2013:1144 CVE-2013-0791 CVE-2013-1620 | Version: | 31 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | nspr nss nss-softokn nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22788 | |||
Oval ID: | oval:org.mitre.oval:def:22788 | ||
Title: | ELSA-2013:1135: nss and nspr security, bug fix, and enhancement update (Moderate) | ||
Description: | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1135-00 CVE-2013-0791 CVE-2013-1620 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24119 | |||
Oval ID: | oval:org.mitre.oval:def:24119 | ||
Title: | ELSA-2013:1144: nss, nss-util, nss-softokn, and nspr security update (Moderate) | ||
Description: | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:1144-00 CVE-2013-0791 CVE-2013-1620 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | nspr nss nss-softokn nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25607 | |||
Oval ID: | oval:org.mitre.oval:def:25607 | ||
Title: | SUSE-SU-2013:0843-1 -- Security update for Mozilla Firefox | ||
Description: | Mozilla Firefox has been updated to the 17.0.6ESR security release. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0843-1 CVE-2013-0788 CVE-2013-0800 CVE-2013-0799 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0793 CVE-2013-0792 CVE-2013-0791 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25842 | |||
Oval ID: | oval:org.mitre.oval:def:25842 | ||
Title: | SUSE-SU-2013:0842-1 -- Security update for Mozilla Firefox | ||
Description: | Mozilla Firefox has been updated to the17.0.6ESR security release. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0842-1 CVE-2013-0788 CVE-2013-0800 CVE-2013-0799 CVE-2013-0797 CVE-2013-0796 CVE-2013-0795 CVE-2013-0794 CVE-2013-0793 CVE-2013-0792 CVE-2013-0791 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | Mozilla Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27269 | |||
Oval ID: | oval:org.mitre.oval:def:27269 | ||
Title: | DEPRECATED: ELSA-2013-1144 -- nss, nss-util, nss-softokn, and nspr security update (moderate) | ||
Description: | It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-1620) An out-of-bounds memory read flaw was found in the way NSS decoded certain certificates. If an application using NSS decoded a malformed certificate, it could cause the application to crash. (CVE-2013-0791) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1144 CVE-2013-0791 CVE-2013-1620 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | nspr nss nss-softokn nss-util |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27513 | |||
Oval ID: | oval:org.mitre.oval:def:27513 | ||
Title: | DEPRECATED: ELSA-2013-1135 -- nss and nspr security, bug fix, and enhancement update (moderate) | ||
Description: | nspr [4.9.2-4] - Resolves: rhbz#924741 - Rebase to nspr-4.9.5 nss [3.14.3-6] - Resolves: rhbz#986969 - nssutil_ReadSecmodDB() leaks memory [3.14.3-5] - Define -DNO_FORK_CHECK when compiling softoken for ABI compatibility - Remove the unused and obsolete nss-nochktest.patch - Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue [3.14.3-4] - Fix rpmdiff test reported failures and remove other unwanted changes - Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue [3.14.3-3] - Update to NSS_3_14_3_RTM - Rework the rebase to preserve needed idiosynchracies - Ensure we install frebl/softoken from the extra build tree - Don't include freebl static library or its private headers - Add patch to deal with system sqlite not being recent enough - Don't install nss-sysinit nor sharedb - Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue [3.14.3-2] - Restore the freebl-softoken source tar ball updated to 3.14.3 - Renumbering of some sources for clarity - Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue [3.14.3-1] - Update to NSS_3_14_3_RTM - Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-1135 CVE-2013-0791 CVE-2013-1620 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-04-17 | IAVM : 2014-A-0055 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0049585 |
2014-01-16 | IAVM : 2014-A-0009 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0043395 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0015_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0850-1.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_nss_20140809.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1181.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15630.nasl - Type : ACT_GATHER_INFO |
2014-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-19.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-309.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-266.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-265.nasl - Type : ACT_GATHER_INFO |
2013-12-14 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131212_nss__nspr__and_nss_util_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1829.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1829.nasl - Type : ACT_GATHER_INFO |
2013-12-13 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1829.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131205_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-12-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1791.nasl - Type : ACT_GATHER_INFO |
2013-12-06 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2013-0015.nasl - Type : ACT_GATHER_INFO |
2013-12-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1791.nasl - Type : ACT_GATHER_INFO |
2013-12-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1791.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-217.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-216.nasl - Type : ACT_GATHER_INFO |
2013-09-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-23.nasl - Type : ACT_GATHER_INFO |
2013-08-09 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130807_nss__nss_util__nss_softokn__and_nspr_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-08-08 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1144.nasl - Type : ACT_GATHER_INFO |
2013-08-08 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1144.nasl - Type : ACT_GATHER_INFO |
2013-08-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1144.nasl - Type : ACT_GATHER_INFO |
2013-08-06 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1135.nasl - Type : ACT_GATHER_INFO |
2013-08-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1135.nasl - Type : ACT_GATHER_INFO |
2013-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1135.nasl - Type : ACT_GATHER_INFO |
2013-08-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130805_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-07-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130628-130702.nasl - Type : ACT_GATHER_INFO |
2013-05-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130516-130516.nasl - Type : ACT_GATHER_INFO |
2013-05-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20130516-8578.nasl - Type : ACT_GATHER_INFO |
2013-05-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130516-130517.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-050.nasl - Type : ACT_GATHER_INFO |
2013-04-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-20130404-130404.nasl - Type : ACT_GATHER_INFO |
2013-04-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1791-1.nasl - Type : ACT_GATHER_INFO |
2013-04-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_firefox-20130404-8537.nasl - Type : ACT_GATHER_INFO |
2013-04-08 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_949764339c7411e2a9fcd43d7e0c7c02.nasl - Type : ACT_GATHER_INFO |
2013-04-05 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1786-2.nasl - Type : ACT_GATHER_INFO |
2013-04-05 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1786-1.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_5_esr.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_20.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Windows host contains a web browser that is potentially affected b... File : seamonkey_217.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_17_0_5_esr.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Mac OS X host contains a mail client that is potentially affected ... File : macosx_thunderbird_17_0_5.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1705.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1705_esr.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_20.nasl - Type : ACT_GATHER_INFO |
2013-04-04 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1705_esr.nasl - Type : ACT_GATHER_INFO |
2013-03-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1763-1.nasl - Type : ACT_GATHER_INFO |
2013-03-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-3079.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2013-2929.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:57:23 |
|
2014-01-17 13:24:25 |
|
2013-08-05 21:20:30 |
|