oval:org.mitre.oval:def:26436

Definition Id: oval:org.mitre.oval:def:26436
 
Oval ID: oval:org.mitre.oval:def:26436
Title: SUSE-SU-2014:1220-3 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-3
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17270
 
Oval ID: oval:org.mitre.oval:def:17270
Title: SUSE Linux Enterprise Server 11.x is installed
Description: SUSE Linux Enterprise Server 11.x is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:novell:suse_linux:11::server
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:26436
Definition Id: oval:org.mitre.oval:def:1368
 
Oval ID: oval:org.mitre.oval:def:1368
Title: SUSE Linux Enterprise Server 10 is installed
Description: SUSE Linux Enterprise Server 10 is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:novell:suse_linux:10::server
Version: 6
Platform(s): SUSE Linux Enterprise Server 10
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:26436